Security Basics mailing list archives

Re: Newbie: RedHat 8 or OpenBSD??


From: "Ryan Parr" <ryanparr () thejamescompany com>
Date: Thu, 31 Oct 2002 19:48:15 -0800

As to which version is 'more secure', that is (IMHO)
entirely subjective and dependent on the experience of those that will
be setting up and managing the server(s).

No argument here. No matter what experiences anyone else
has had, YMMV. You'd probably do best to perform an install
of both OSes and see which fits your needs best.

I've run both Redhat and OpenBSD for web servers. I actually had
more difficulty with Redhat than OpenBSD. 

The OpenBSD team has performed a near superhuman feat in 
their exceptional man pages, and you will honestly find *everything* 
you need in them. They have greatly reduced the voodoo of the
*nix's. OpenBSD also installs the minimum you need to 
have a secure, functioning server while Redhat's packaged
configurations can get pretty bulky and you may have to spend
some time taking things away to harden it. With OpenBSD you
have to add things to un-harden it :)

Redhat has very broad industry support, and
it's certainly easier to use RPM than OpenBSD's ports collection.

You just can't make an educated decision without trying them
both out. Take a couple weeks to test them. Try to break them.
It's worth your trouble.

----- Original Message ----- 
From: "Michael Vaughan" <list () predator-hunter com>
To: "'GSG Designs'" <gsgdesigns () hotmail com>
Cc: <security-basics () security-focus com>
Sent: Thursday, October 31, 2002 10:52 AM
Subject: RE: Newbie: RedHat 8 or OpenBSD??


In answer to your question..."It Depends".

It will depend on how experienced your engineers are with Linux.
OpenBSD can be a pain to install and configure.  RedHat on the other
hand is comparatively easy to set up. OpenBSD from what I understand is
the most secure version out of the box but again securing it 'could' be
a pain. However, you can get scripts to harden Redhat fairly well. In
addition, you CAN further harden Redhat by patching the kernel:
http://www.nsa.gov/selinux/index.html thereby further hardening the
Linux server.  As to which version is 'more secure', that is (IMHO)
entirely subjective and dependent on the experience of those that will
be setting up and managing the server(s).

Regards,
-Michael Vaughan
mvaughan () predator-hunter com

-----Original Message-----
From: GSG Designs [mailto:gsgdesigns () hotmail com] 
Sent: Wednesday, October 30, 2002 3:56 PM
To: security-basics () security-focus com
Subject: Newbie: RedHat 8 or OpenBSD??

I'm fairly new to this, so please bear with me.  If this question has been
asked in the past, I apologize.  I'm new to the listserv as well.

We are discussing starting our own web server.  There is debate on whether
RedHat 8 or OpenBSD is more secure.  What are your thoughts?  We will be
doing online orders with credit card info, etc.  Do you have any resources
to point us to?  (We will be running Apache, probably a 'duh'.)

Thanks.