On Tue, May 25, 2010 at 10:05 PM, Anoop Alias <[email protected]> wrote: > *BSD may be secure ;maybe more flexible ;but there is always a learning > curve ;so why not go for a iptables and use a GNU/Linux instead? .I am sure > you will get much more docs and third party howtos on GNU/Linux since it has > a much larger user base. >
beleive me. the PF syntax is much much more simple and straight forward than iptables. It is almost like spoken english language :-) and the logic is also very simple than iptables. about the learning curve it is not as big as one would face when comming from windows to linux :-) the docs are very much there as handbooks and FAQs in the OS website. > From a security point of view ;i guess any OS ( including MS windows ) have > same strength . > Not true at all. Haven't you heard about zero day exploits MS Windows have had? >Security often comes from knowing the do's and dont's and > often educating all users about simple security loopholes. > No fully true. educating users is very very important but how can it deter threats that exists because of inherent flaws in the tools/software used to implement it? > Make the system as simple as possible - simplicity often provides good > security . > Yes for certain definitions of 'simplicity' For some a 4 letter password is 'simplicity'. It is secure? > Keep os updated of the latest security fixed packages. > Very Right. The Problems with MS Windows are that they dont have updates at the right time :-( Not even after a long time some times. e.g http://www.dailytech.com/First+Windows+7+ZeroDay+Exploit+Airs+But+Danger+Isnt+Great+For+Most/article16817.htm if you need more check for 'zero day exploits' in google. Not that BSD or Linux is perfect. But if you look at the freequency it is mostly windows > Linux > BSD in terms of security flaws. Now dont take this to a flame war. Because I use all of this stuff for the appropriate things in my work place and have no personal prejudice. just telling the facts. > Pray to God! - and you are safe. > yes i truly beleive " Unless the Lord guards the city the watchmen stay awake in vain :-)" but if you work in this field of internet/network/computer security you will find that securtiy is much more complex than what is defined by a few slogans or axioms about it. And the sad fact is that there are so called security firms spurting out every where whic does not take a comprehensive look on security but are content to base it on certain axioms and slogans. By the way out of curiosity, do you work in the area of security? may be i could lean some stuff I dont know from you too :-) Learning and keep on learning is vital for security :-) regards --Siju _______________________________________________ Indian Libre User Group Cochin Mailing List http://www.ilug-cochin.org/mailing-list/ http://mail.ilug-cochin.org/mailman/listinfo/mailinglist_ilug-cochin.org #[email protected]
