Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
two questions, win2k security and openwall
- Thread starter metrix007
- Start date
Why ask a Win2k question here?
As to the Linux vs. BSD debate, security is a journey, not a destination.
I have a machine here in my office that is extremely secure at this moment. That's because it is not connected to the net and is physically shut off. It also has nothing worth stealing. It's secure, but it's also useless.
It's actually pretty easy to secure computers. The hard part is having them do anything useful and remain secure- the more services and functions you have, the less security. So while someone might make a general statement that they think bsd security is better than linux, that is a general statement- until you get to the specifics of what's running and how, you haven't said much.
And of course when you do have a real case to look at, the complexity is very likely to make a simple forum type answer impossible. Security experts get paid very well for looking into the specifics of how you do whatever it is you do. If you are just serving html pages, that's one thing. Add cgi scripts and that's something else. And so on.
Finally, as my very first sentence implies, nothing in security is static. What seems secure today is not tomorrow. When you add new functionality ( a VPN for the VP of finance), new exposures arise and the damce goes on.
I'll now turn you over to the inevitable succession of bsd and linux zealots who will argue the relative merits to death. Some of what they will have to say is worth listening to. Most of it probably won't be
Tony Lawrence
SCO Unix/Linux Resources tony@pcunix.com
As to the Linux vs. BSD debate, security is a journey, not a destination.
I have a machine here in my office that is extremely secure at this moment. That's because it is not connected to the net and is physically shut off. It also has nothing worth stealing. It's secure, but it's also useless.
It's actually pretty easy to secure computers. The hard part is having them do anything useful and remain secure- the more services and functions you have, the less security. So while someone might make a general statement that they think bsd security is better than linux, that is a general statement- until you get to the specifics of what's running and how, you haven't said much.
And of course when you do have a real case to look at, the complexity is very likely to make a simple forum type answer impossible. Security experts get paid very well for looking into the specifics of how you do whatever it is you do. If you are just serving html pages, that's one thing. Add cgi scripts and that's something else. And so on.
Finally, as my very first sentence implies, nothing in security is static. What seems secure today is not tomorrow. When you add new functionality ( a VPN for the VP of finance), new exposures arise and the damce goes on.
I'll now turn you over to the inevitable succession of bsd and linux zealots who will argue the relative merits to death. Some of what they will have to say is worth listening to. Most of it probably won't be
Tony Lawrence
SCO Unix/Linux Resources tony@pcunix.com
- Thread starter
- #3
thanks pcunix, sorry about the win2k question, i did not get a response in the win2k section *shrug*
i read the article athere: and at security focus: and was wondering how those systems combined on a slackware box would compare to the default openbsd install.
i read the article athere: and at security focus: and was wondering how those systems combined on a slackware box would compare to the default openbsd install.
- Status
Similar threads
- Locked
- Question
- Locked
- Question