Steve Rudd wrote: > Just how much more secure is Debian than redhat?
security on any system is only as good as the person running it. if your not confertable with linux or don't want to take the time to properly secure it i would suggest a couple of alternatives: - linux mandrake. it has a easy to use security system. to have a secure system you select the security "mode" you want to be in, and it shuts off and reconfigures things accordingly. but for a server, it may not be as good as it doesn't tell you what it's shutting off or reconfiguring but its good for workstations. - openBSD - it doesn't support the amount of hardware that linux does but when it does work it works pretty good. it has a VERY secure out-of-the-box installation. however it is also not as functional out-of-the-box. so it depends on your needs. in any case, as i pointed out above, any system on any platform(unix, linux win32 etc) is only as secure as the people running the systems. website defacements on big sites like gateway and new york times which run IIS on NT/win2k are proof that even some of the big guys don't have the realization to hire people who know what they are doing, or don't hire enough staff to maintain the systems (maybe existing admins are really good but just overloaded with work). that said, debian can be said it is more secure then redhat as it uses overall older packages, whereas redhat usually is near the leading edge. and of course systems which you allow shell access to are much more vulerable then systems that do not allow logins. debian's testing before a release seems to be much longer and more thorough then most other systems. the security problems may not even be related to linux, its very common for systems to get compromised by having poorly coded cgi scripts on websites, or weak passwords, or poorly configured Samba/ftp. or even some 3rd party application could be the cause of a system breakin. that bein said, if you've been broken into twice it is likely that whoever did it may be keeping tabs on your system, so if you want to do it right you need someone that can do it right. or don't do it at all. or expect to get broken into again. nate -- ::: ICQ: 75132336 http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED]
