Re: Comparing Windows Bastions to Linux Bastions

[Chris Travers <chris () travelamericas com>]

Hi Gregory;

The O'Reilly book "Building Internet Firewalls" has a good section on 
Windows and *nix bastions.  

My own perspective is that Windows hosts tend to be more complicated 
from a security perspective because of hidden dependencies, etc (for 
example does your web app require COM+?  How do you know?), and the 
secure administrative interfaces tend to be more complex as well.  This 
is a problem for Windows.  Also, remember that most Windows Updates 
require a reboot, while most updates on *nix systems require that a 
specific service is restarted.

However, a large percentage of security incidents are preventable by 
good administration practices.  So, the admin is more important than the 
platform.

Just my 2 cents worth.

Best Wishes,
Chris Travers

BYRD,GREGORY (HP-Boise,ex1) wrote:

> Everyone,
>
> I'm looking for information comparing Windows Bastions to Linux Bastions
> (positives and negatives). I've looked through the list archive, as well as
> plundered through Google (web and groups), but nothing worthwhile.
> Hopefully someone on this list knows or has a document that can help.
>
> Thanks in advance,
> Greg
>
>
>
>
>
>
>