
Re: Debian or Linux 7???



Greetings,

Security is really a very complex subject, and judging the relative
security of various distributions is difficult. What is really the
important consideration is the policy of the system and organization
behind it.

Debian, I know, has a strong security policy; the developers actively
track and fix security flaws and try to prevent new ones from being
introduced. Debian usually has a default secure installation, or else
has big warnings if a particular package is insecure in its default
state (and then usually has instructions on how to make it secure).
Debian is also very nice in that it's easy to keep packages upgraded,
tracking security fixes as they come out. Debian is usually on top of
security fixes, releasing updated packages very quickly after flaws
are discovered.

To be fair, I'm sure that RedHat does this too for the most part.

A major issue, though, is keeping the system updated and tracking the
latest security fixes. This is easy under Debian (almost a no-brainer
thanks to Apt), but harder under current versions of RedHat (I would
assume, given that it lacks apt). 

The other issue is securing the system. It's usually impossible to assume
that the system is secure given the default configuration, and certainly
impossible to assume it to be so after useful packages have been installed
and users have used the system. 

Keeping a system secure is really very much an ongoing process; sad but
true, it takes monitoring, regular backups and keeping up with new security
issues. Debian goes a long way to helping you with the latter, the others
are the real hard work, I guess.

And finally, the kernel is very rarely the entry point of a crack, it is
almost always a user-space program that is at fault (such as recent BIND
attacks, wu-ftp type things, etc).

Good luck.


In message <5.0.2.1.2.20010219181105.0262ab10@bible.ca> it was written:
>I am frustrated with the linux 2.2 kernel. I have had two hacks in 3 months 
>and I am going broke rebuilding my server.
>
>I went out and bought Redhat 7, and got hacked 6 weeks later.
>
>I have been placed in contact with a guy who wants me to use Debian. But if 
>it is based upon the same kernel as redhat, how is it going to be more secure? 
>I checked and found that
>
>from (http://www.securityfocus.com/)
>Security risks for years: 1997-2000 respectively:
>Debian 3, 2, 32, 45, 12
>RedHat 6, 10, 49, 85, 20
>
>So Debian is about twice as good as redhat, but that is not real reassuring.
>
>I am considering joining the debian family, but am a bit concerned about 
>security.
>
>Just how much more secure is Debian than redhat?
>
>Thanks!
>
>Steve Rudd
>
as always,
nick
            nick@grawk.net * http://www.fargus.net/nick
    Developer - Systems Engineer - Mad System Guru - MOO Sales
    he picks up scraps of information/he's adept at adaptation
because for strangers and arrangers/constant change is here to stay


