Security Basics mailing list archives
Re: Linux Distribution Recomendation
From: peter () devbox adamantix org (Peter Busser)
Date: Fri, 5 Mar 2004 13:52:17 +0100
Hi!
For what it's worth, if you want a really secure *nix system, I would seriously recommend OpenBSD. AFAIK, it's probably one of the most secure *nix distro's out there right now, and personally I wouldn't say that learning BSD over Linux is tough at all, if you can work a Unix system, you're halfway there. Also the really good point here is that OpenBSD boasts openly on their website, "Only one remote hole in the default install, in more than 7 years!" Which is damn right impressive if you ask me, and AFAIK the remote hole was cause via a flaw in SSH.
You may be impressed, but I don't think it says much. ``One remote hole in more than 7 years'' is a statistic. There are lies, damned lies and statistics. If you look in the Full-Disclosure and Bugtraq archives, you will find discussions about the difference in terminology used by the OpenBSD people and the rest of the world. For instance, when an exploitable kernel bug is fixed, it is called a ``reliability fix''. If you are looking for security related products, I think it is wise to look at what those products cannot do instead of what they can do. Perfect security does not exist. Therefore every product has got to have weaknesses. An honest vendor or project will be able to tell you about them. If not, then either they don't know what they are talking about or they try to deceive you. Groetjes, Peter Busser --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Re: Linux Distribution Recomendation, (continued)
- Re: Linux Distribution Recomendation D.E. Chadbourne (Mar 03)
- Re: Linux Distribution Recomendation Brian Whitehead (Mar 03)
- Re: Linux Distribution Recomendation Vincent (Mar 03)
- Re: Linux Distribution Recomendation Peter Busser (Mar 04)
- Re: Linux Distribution Recomendation Vincent (Mar 08)
- Re: Linux Distribution Recomendation Peter Busser (Mar 11)
- Re: Linux Distribution Recomendation Vincent (Mar 15)
- Re: Linux Distribution Recomendation Peter Busser (Mar 16)
- Re: Linux Distribution Recomendation Peter Busser (Mar 04)
- Re: Linux Distribution Recomendation Peter Busser (Mar 08)