best distro for security - Security

This is a discussion on best distro for security - Security ; In comp.os.linux.security notbob : > On 2006-08-24, Michael Heiming wrote: >> I fail to see the difference security wise if I run a web server, >> the usual LAMP setup on Linux or on *BSD..... > Me too. But, I'm ...

+ Reply to Thread
Page 3 of 3 FirstFirst 1 2 3
Results 41 to 58 of 58

Thread: best distro for security

  1. Re: best distro for security

    In comp.os.linux.security notbob :
    > On 2006-08-24, Michael Heiming wrote:


    >> I fail to see the difference security wise if I run a web server,
    >> the usual LAMP setup on Linux or on *BSD.....


    > Me too. But, I'm not a highly paid security professional. That's why
    > I take the advice of a person who is.


    highly paid != clueful

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 362: Plasma conduit breach

  2. Re: best distro for security

    On 2006-08-24, Michael Heiming wrote:

    >
    > highly paid != clueful


    He could own you in about eight seconds

  3. Re: best distro for security

    "notbob" wrote in message
    news:mqWdneMvooEPInDZnZ2dnUVZ_u2dnZ2d@comcast.com

    >> highly paid != clueful

    >
    > He could own you in about eight seconds


    I'll bet you think George Bush must be smart because he's a President,
    right?


  4. Re: best distro for security

    On 2006-08-24, Patrick wrote:

    > I'll bet you think George Bush must be smart because he's a President,
    > right?


    Actually, I think he's even dumber than the dolts that elected ...twice!,
    fergawdsake... his sorry ass.

    nb

  5. Re: best distro for security

    notbob wrote:

    >
    >
    > On 2006-08-24, Michael Heiming wrote:
    >
    >>
    >> highly paid != clueful

    >
    > He could own you in about eight seconds


    Here,

    24.93.120.68

    have him go ahead and try.

    I know he will fail.

    --
    Dancin' in the ruins tonight
    mail: echo onub-hgbg@pbyhzohf.ee.pbz | perl -pe 'y/a-z/n-za-m/'
    Tayo'y Mga Pinoy

  6. Re: best distro for security

    On 2006-08-24, Baho Utot wrote:

    > have him go ahead and try.


    After being recruited from halfway around the World to head up the
    security dept of a prestigious European financial institution, he's
    going to drop everything to hack the box of some wonk in Pastafazoole
    Ohio. Sure pal. I'll get right on it.

    nb

  7. Re: best distro for security

    "notbob" wrote in message
    news:E-SdnfJPWLL4lXPZnZ2dnUVZ_rmdnZ2d@comcast.com

    >> I'll bet you think George Bush must be smart because he's a
    >> President, right?

    >
    > Actually, I think he's even dumber than the dolts that elected
    > ...twice!, fergawdsake... his sorry ass.


    He was only elected _once_, in 2004. In 2000 he was appointed by the Supreme
    Court.


  8. Re: best distro for security

    notbob writes:

    > On 2006-08-24, Baho Utot wrote:
    >
    > > have him go ahead and try.

    >
    > After being recruited from halfway around the World to head up the
    > security dept of a prestigious European financial institution, he's
    > going to drop everything to hack the box of some wonk in Pastafazoole
    > Ohio. Sure pal. I'll get right on it.
    >
    > nb


    In attempt to lighten this up a bit and it is somewhat related:

    Last year I met a guy who is some kind of customer support kind
    of guy working for SUN. His customers are various military sites
    in and around L.A. and those systems are running around the clock.
    The contracts are really picky about response time from service
    and down-time is not popular to say the least. "You think very hard
    and carefully before changing anything to such a system." he observed.

    So much for the preamble. Now comes the interisting part. The same
    people that dictate the support contracts for those unix systems
    happily buy off the shelf Windows systems for their office desk tops.
    "How safe is that?"

    --
    Martin Schöön

    "Problems worthy of attack
    prove their worth by hitting back"
    Piet Hein

  9. Re: best distro for security

    On Thu, 24 Aug 2006 07:22:46 +0200, Michael Heiming wrote:
    >I fail to see the difference security wise if I run a web server,
    >the usual LAMP setup on Linux or on *BSD, it is exactly the same
    >software you are running.


    OpenBSD patches some of the third party software that is included with
    the system, including Apache. So it's not exactly the same.

    >On the other hand soft- and hardware support is available 24/7
    >for Linux from all major vendors, not that I'd be aware of it
    >for *BSD?


    Maybe not from the major vendors, but there are plenty ways to get 24/7
    support on *BSD.

    --
    Maurice

  10. Re: best distro for security

    In comp.os.linux.security Maurice Janssen :
    > On Thu, 24 Aug 2006 07:22:46 +0200, Michael Heiming wrote:
    >>I fail to see the difference security wise if I run a web server,
    >>the usual LAMP setup on Linux or on *BSD, it is exactly the same
    >>software you are running.


    > OpenBSD patches some of the third party software that is included with
    > the system, including Apache. So it's not exactly the same.


    Redhat includes some patches into their httpd package as most
    other distro do, so it is not exactly the same? Of course not,
    but I beg to differ there's a real difference in the core of the
    packages which is built from exactly the same sources, though
    versions used might differ.

    >>On the other hand soft- and hardware support is available 24/7
    >>for Linux from all major vendors, not that I'd be aware of it
    >>for *BSD?


    > Maybe not from the major vendors, but there are plenty ways to get 24/7
    > support on *BSD.


    Including hardware support out of one source?

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 138: BNC (brain not connected)

  11. Re: best distro for security

    On Fri, 25 Aug 2006 13:16:33 +0200, Michael Heiming wrote:
    >In comp.os.linux.security Maurice Janssen :
    >> On Thu, 24 Aug 2006 07:22:46 +0200, Michael Heiming wrote:
    >>>I fail to see the difference security wise if I run a web server,
    >>>the usual LAMP setup on Linux or on *BSD, it is exactly the same
    >>>software you are running.

    >
    >> OpenBSD patches some of the third party software that is included with
    >> the system, including Apache. So it's not exactly the same.

    >
    >Redhat includes some patches into their httpd package as most
    >other distro do, so it is not exactly the same? Of course not,
    >but I beg to differ there's a real difference in the core of the
    >packages which is built from exactly the same sources, though
    >versions used might differ.


    I don't know how much is patched. The OpenBSD patches for gcc are
    documented here:
    http://www.openbsd.org/cgi-bin/man.c...ocal&sektion=1
    As you can see, it includes more than just some trivial changes.

    >>>On the other hand soft- and hardware support is available 24/7
    >>>for Linux from all major vendors, not that I'd be aware of it
    >>>for *BSD?

    >
    >> Maybe not from the major vendors, but there are plenty ways to get 24/7
    >> support on *BSD.

    >
    >Including hardware support out of one source?


    Sure, why not? Take a look at the following sites if you're interested.
    http://www.openbsd.org/support.html
    http://www.netbsd.org/gallery/consultants.html
    http://www.freebsd.org/commercial/

    Some of them give only software support, some of them also can give
    hardware support.

    --
    Maurice

  12. Re: best distro for security

    In comp.os.linux.security Maurice Janssen :
    > On Fri, 25 Aug 2006 13:16:33 +0200, Michael Heiming wrote:
    >>In comp.os.linux.security Maurice Janssen :
    >>> On Thu, 24 Aug 2006 07:22:46 +0200, Michael Heiming wrote:
    >>>>I fail to see the difference security wise if I run a web server,
    >>>>the usual LAMP setup on Linux or on *BSD, it is exactly the same
    >>>>software you are running.


    >>> OpenBSD patches some of the third party software that is included with
    >>> the system, including Apache. So it's not exactly the same.


    >>Redhat includes some patches into their httpd package as most
    >>other distro do, so it is not exactly the same? Of course not,
    >>but I beg to differ there's a real difference in the core of the
    >>packages which is built from exactly the same sources, though
    >>versions used might differ.


    > I don't know how much is patched. The OpenBSD patches for gcc are
    > documented here:
    > http://www.openbsd.org/cgi-bin/man.c...ocal&sektion=1
    > As you can see, it includes more than just some trivial changes.


    We were talking about LAMP setup, not gcc.

    >>>>On the other hand soft- and hardware support is available 24/7
    >>>>for Linux from all major vendors, not that I'd be aware of it
    >>>>for *BSD?


    >>> Maybe not from the major vendors, but there are plenty ways to get 24/7
    >>> support on *BSD.


    >>Including hardware support out of one source?


    > Sure, why not? Take a look at the following sites if you're interested.
    > http://www.openbsd.org/support.html
    > http://www.netbsd.org/gallery/consultants.html
    > http://www.freebsd.org/commercial/


    > Some of them give only software support, some of them also can give
    > hardware support


    Nice, but I fear none of them able to deliver 24/7 worldwide
    hw/sw support.

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 379: We've picked COBOL as the language of choice.

  13. Re: best distro for security

    On 2006-08-25, Maurice Janssen wrote:

    > OpenBSD patches some of the third party software that is included with
    > the system, including Apache. So it's not exactly the same.


    Last thing I read on the subject was OBSD was really unhappy with
    Apache after a bad exploit was found on Apache/OBSD back '02. They
    had to apply over 100 patches to it make it acceptable again. This is
    not your stock Linux Apache. I looked for the cite on this, but am
    sorry to say I was unable to find it again.

    nb





  14. Re: best distro for security

    On Fri, 25 Aug 2006 18:16:34 +0200, Michael Heiming wrote:
    >In comp.os.linux.security Maurice Janssen :
    >> I don't know how much is patched. The OpenBSD patches for gcc are
    >> documented here:
    >> http://www.openbsd.org/cgi-bin/man.c...ocal&sektion=1
    >> As you can see, it includes more than just some trivial changes.

    >
    >We were talking about LAMP setup, not gcc.


    It's just an example, I don't have a list of the Apache patches.
    The FAQ says "The OpenBSD team has added default chrooting, privilege
    revocation, and other security-related improvements" about the Apache
    patches, so it does make a difference IMHO.

    >>>Including hardware support out of one source?

    >
    >> Sure, why not? Take a look at the following sites if you're interested.
    >> http://www.openbsd.org/support.html
    >> http://www.netbsd.org/gallery/consultants.html
    >> http://www.freebsd.org/commercial/

    >
    >> Some of them give only software support, some of them also can give
    >> hardware support

    >
    >Nice, but I fear none of them able to deliver 24/7 worldwide
    >hw/sw support.


    Now it has to be worldwide support?! It's no fun when you keep changing
    the conditions.

    --
    Maurice

  15. Re: best distro for security

    notbob wrote:

    >
    >
    > On 2006-08-24, Baho Utot wrote:
    >
    >> have him go ahead and try.

    >
    > After being recruited from halfway around the World to head up the
    > security dept of a prestigious European financial institution, he's
    > going to drop everything to hack the box of some wonk in Pastafazoole
    > Ohio. Sure pal. I'll get right on it.
    >
    > nb


    I didn't think for one minute you could deliver. If he is as good as you
    think he is it shouldn't take you very long, or are you just postering?

    You are just spouting BS.

    You lose.

    --
    Dancin' in the ruins tonight
    mail: echo onub-hgbg@pbyhzohf.ee.pbz | perl -pe 'y/a-z/n-za-m/'
    Tayo'y Mga Pinoy

  16. Re: best distro for security

    On 2006-08-25, Baho Utot wrote:


    > You are just spouting BS.
    >
    > You lose.


    Just keep telling yourself that. I'm sure it makes you happy.

    nb

  17. Re: best distro for security

    In comp.os.linux.security Maurice Janssen :
    > On Fri, 25 Aug 2006 18:16:34 +0200, Michael Heiming wrote:
    >>In comp.os.linux.security Maurice Janssen :

    [..]

    >>We were talking about LAMP setup, not gcc.


    > It's just an example, I don't have a list of the Apache patches.
    > The FAQ says "The OpenBSD team has added default chrooting, privilege
    > revocation, and other security-related improvements" about the Apache
    > patches, so it does make a difference IMHO.


    Now that would make indeed a difference if they can keep up with
    the main version?

    [..]

    >>Nice, but I fear none of them able to deliver 24/7 worldwide
    >>hw/sw support.


    > Now it has to be worldwide support?! It's no fun when you keep changing
    > the conditions.


    That's what I expect, having switched a couple of *BSD systems to
    Linux, not because it would be a bad OS, I don't really care as
    long as it is *nix. But for exactly the reason of missing support
    through major vendors.

    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 94: Internet outage

  18. Re: best distro for security

    notbob wrote:

    >
    >
    > On 2006-08-25, Baho Utot wrote:
    >
    >
    >> You are just spouting BS.
    >>
    >> You lose.

    >
    > Just keep telling yourself that. I'm sure it makes you happy.
    >
    > nb


    Last call.

    It is not about making me happy.

    You can't deliver on what you stated and you know it.

    --
    Dancin' in the ruins tonight
    mail: echo onub-hgbg@pbyhzohf.ee.pbz | perl -pe 'y/a-z/n-za-m/'
    Tayo'y Mga Pinoy

+ Reply to Thread
Page 3 of 3 FirstFirst 1 2 3