Re: Quality of security assurance with Debian vs. RedHat vs. SuSE

Wed, 12 Jun 2002 04:25:21 -0500 

On Tue, Jun 11, 2002 at 05:53:35PM +0200, Eduard Bloch wrote:
> Hello people,
> 
> I look for good comparison about the security of Debian and Redhat or
> SuSE systems, especial about number of found local exploits or DOS
> attacks. I assume that Debian Stable should be less invulnerable since
> the software is more tested, but I would need some argumentation help to
> convince people impressed by Redhat or SuSE.
> 
        I cannot offer a comparison but I can offer some raw data
regarding Debian's work at security. As some other people said previously
the security issues between distributions are usually the same (since they
provide the same software, even if different versions), however if you
want to compare quality assurance you might want to check how security is
supported in Debian vs. other distros:

1.- ¿How fast are security issues fixed? See
http://www.debian.org/News/weekly/2001/34/ for raw data regarding the time
it took (last year) to fix any given vulnerability reported at bugtraq

2.- ¿How is the distribution providing security? See
http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html

        Fact #1: Debian (woody) provides Bastille, neither RedHat nor SUSE
        (Mandrake I think does) provides it (or supports it)

        Fact #2: Debian  provides more security tools than other distros.

        Fact #3: Debian standard installation is more secure (this usually
        goes against usability), other distros tend to either install
        by default a lot of services or do not properly configure them
        (remember the Ramen or Lion worms). It's not as strict as OpenBSD
        (no demons are active per default) but it's a good compromise
        IMHO

3.- ¿How is security documented? I don't know of other distros providing
documentation regarding security like Debian does (there are, however,
third party  documents available at Linuxdoc, and the "Securing and
Optimizing Linux: RedHat Edition" is a great document)


        Well. I (hopefully) have made some strong points you could use in
your argumentation, however see answer to question 1 of the FAQ at the
"Securing Debian Manual":
http://www.debian.org/doc/manuals/securing-debian-howto/ch11.en.html#s11.1
That's usually the strongest point.

        Javi


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to