[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian security.

The only security that you can guarantee is what you do to the server to secure it.  Even Microsoft doesn't guarantee security.

On 4/3/06, Steve Block < scblock@ev-15.com> wrote:
On Mon, Apr 03, 2006 at 01:44:16PM +0200, Jan Schledermann wrote:
>Surachai Locharoen wrote:
>> Is there any body guarantee debian security. I want to install debian as
>> my server instead of redhat as3 server which just attack by Phishing.
>> Kan
>Nope no guaranties! But you won't get such guaranties from ANY other os
>supplier either.
>Security of software is much more dependant on the systems architect and
>sysadmin than the software itself. A knowledgable person can secure almost
>any software and a moron can mess up everything.
>Debian is a very flexible distro which will allow you a lot of control over
>your environment with relative ease. YOU and your decisions and strategy
>determines the level of safety ultimately achieved.

Of course there are no guarantees, but someone should at least mention
that Debian has a security team that tries to stay up to date with
current security issues and releases fixed versions of packages (via
security.debian.org) that can be installed easily using apt-get.

This won't help with vulnerable third party php programs however, as I
learned when someone used the xmlrpc bug to install a warez ftp server
on my colocated machine.

Steve Block

To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: