[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

FW: debian newbie questions -- security


When people ask me this question, i usually direct them to monitor the
amount of security updates and patches released for Redhat on the website
and then have a look at the same thing on the Debian website.

The proof is there ....


frankly i dont know how anyone applies alll those Red Hat updates, they must
have more time than me ...



-Matt

-----Original Message-----
From: Young, C Bryan [mailto:cbyoung@ukans.edu]
Sent: Saturday, 12 May 2001 1:12 AM
To: Debian User (E-mail)
Subject: debian newbie questions -- security


All---

And I thought the RedHat list I subscribe to was active!

I'm considering a switch from RH 6.2 to Debian stable for a dual-processor
workstation I use for crunching numbers and making graphs/plots with GMT.
I'm thinking about the move because I just can't keep up with manual updates
on RH, and apt-get seems to be a whole lot more time-effective way to keep
my system secure.  I've purchased the Debian disks, but before I invest this
amount of time into setting up Debian, I want to make sure that I've made
the right decision.  If someone could please answer my questions from an
informed and preferably unbiased position (hard to come by in forums where
GNU/Linux or BSD are discussed), I'd MUCH appreciate it.

1)  In a couple of places, I've seen people criticize Debian's security
because the stable release uses 'out-of-date' packages.  My understanding is
that Debian developers apply security patches to 'older' packages, while
leaving the 'bleeding edge' features out.  All other things being equal,
will RH 7.1 or Debian Potato be more secure?  My belief is that security
comes down to a maintenance issue -- and with Debian it will be easier to
keep up with security patches.

2)  I've found that it is really easy to find/get help on RH questions --
i.e., there are a lot of books in print that focus on RH.  Can anyone give
me titles for essential Debian books?

3)  I want to have a system that is as secure as possible without
sacrificing usability.  Where can I get good guidance on securing Debian?  I
understand the importance of shutting off non-essential services, using ssh
in place of ftp and telnet, etc.  I know this could draw the ire of some,
but has anyone worked up a 'cookbook' type approach whereby a new Debian
user can secure the system and learn a bit about security issues at the same
time (I'm thinking of something along the lines of Bastille Linux -- but a
typed out list of things to check for would suffice).

Thanks for your help and advice in advance -- from what I read, Debian is
the way for me to go.  Let me know your thoughts on this.

Thanks,

Bryan


--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: