[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian security.

On Mon, Apr 03, 2006 at 01:44:16PM +0200, Jan Schledermann wrote:
Surachai Locharoen wrote:

Is there any body guarantee debian security. I want to install debian as
my server instead of redhat as3 server which just attack by Phishing.

Nope no guaranties! But you won't get such guaranties from ANY other os
supplier either.
Security of software is much more dependant on the systems architect and
sysadmin than the software itself. A knowledgable person can secure almost
any software and a moron can mess up everything.

Debian is a very flexible distro which will allow you a lot of control over
your environment with relative ease. YOU and your decisions and strategy
determines the level of safety ultimately achieved.

Of course there are no guarantees, but someone should at least mention that Debian has a security team that tries to stay up to date with current security issues and releases fixed versions of packages (via security.debian.org) that can be installed easily using apt-get.

This won't help with vulnerable third party php programs however, as I learned when someone used the xmlrpc bug to install a warez ftp server on my colocated machine.

Steve Block

Reply to: