Re: Debian or Red Hat (was:Re: Debian or Linux 7???)
FWIW, I have had a 486 16MB firewall running Coyote
Linux 24/7 since July '00. The 4 machines behind it
run Linux (variously, debian, mandrake) and M$ Windoze
The only hit has been when I made a modem connection
with M$ Outlook on that machine and the hit was
confined to that machine.
Take a look at www.coyotelinux.com.
-Bill
--- John Galt <galt@inconnu.isu.edu> wrote:
>
> FYI, your subject is WRONG. Linux is trademarked by
> Linus Torvalds, an
> employee of Transmeta. Calling RedHat "linux" is no
> more accurate than
> calling Debian "linux". To be more exact, it is Red
> Hat Linux v 7.0 AND
> Debian GNU/Linux v 2.2r2. I forsee only trouble if
> you continue to refer
> to Red Hat 7 as Linux 7 often on Debian
> mailinglists...
>
> On Mon, 19 Feb 2001, Steve Rudd wrote:
>
> >Hi!
> >
> >I am frustrated with the linux 2.2 kernel. I have
> had two hacks in 3 months
> >and I am going broke rebuilding my server.
>
> The 2.2 kernel isn't the issue, your configuration
> is. Crackers don't
> often break in via insecurities in the kernel, they
> usually use a service
> or other program that they can get to remotely
>
> >I went out and bought Redhat 7, and got hacked 6
> weeks later.
>
> Not surprising: .0 releases of RH are always risky.
>
> >I have been placed in contact with a guy who wants
> me to use Debian. But if
> >it based upon the same kernel as redhat, how is it
> going to be more secure?
> >I checked and found that
>
> A few things that RH does insecurely, Debian does a
> bit more securely.
> But that security comes at a cost of some of the
> "ease of use" features in
> Red Hat.
>
> >from (http://www.securityfocus.com/)
> >Security risks for years: 1997-2000 respectively:
> >Debian 3, 2, 32, 45, 12
> >RedHat 6, 10, 49, 85, 20
>
> There are three types of lies: lies, damn lies, and
> statistics.
>
> >So Debian is about twice as good as redhat, but
> that is not real reassuring.
>
> What do you want, OpenBSD-type security? Got a
> couple of four years to do
> a code audit?
>
> >I am considering joining the debian family, but am
> a bit concerned about
> >security.
>
> Right now, it sounds like you need to solve the
> PEBCAK issue first.
> Security is something that happens in the Sysadmin's
> mind first: once it's
> there, the most insecure OS in the world will become
> secure. Turn off all
> unneded services; update early and often; if
> something is widely
> considered buggy, consider alternatives; try
> breaking in [to your own
> computer, natch] yourself a couple of times--if you
> can do it, so can
> others; go on a SUID killing spree; countless
> things...
>
> >Just how much more secure is Debian than redhat?
>
> Slightly. Debian will probably give you the space
> you need to learn
> security before you get killed, while Red Hat
> compresses the learning
> curve, but leaves some obvious holes.
>
> >Thanks!
> >
> >Steve Rudd
> >
> >
> >
>
> --
> I can be immature if I want to, because I'm mature
> enough to make my own
> decisions.
>
> Who is John Galt? galt@inconnu.isu.edu
>
>
> --
> To UNSUBSCRIBE, email to
> debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
Reply to: