[buug] Great Links re. Internet/Linux Security

Rick Moen rick at linuxmafia.com
Mon Aug 14 20:55:20 PDT 2000


begin Zeke Krahlin quotation:

> When delving into Linux for the first time (early this year), I was
> suprised and not a little disappointed to learn that most of the
> popular distros were installed with a poor level of security, just
> like Windoze.

Um, no.  Not at all like Windows.

Most of the popular distributions have historically had poor security by
Unix standards, and even the most security-minded Linux distributions
need some work compared to, say, OpenBSD.  But the Linux kernel and 
TCP/IP stack have had security miles ahead of both the Win9x and WinNT 
kernels and TCP/IP stacks, the user-level security is miles ahead of
those other two platforms', and its network-level security generally
ditto.

> My original impression was that any version of Linux would be very
> secure out of the box.

That wouldn't sell:  Security is inherently inconvenient.

Sun's Solaris does a default installation that's a really bad joke in
the security department.  Compentent Solaris admins go to some lengths
to fix that, during and after installation.  The same is true of most 
otherwise-good OSes.  And at least they're fixable.  The holes that
Win9x and WinNT are riddled with tend to be pervasive and systemic.

And one cannot even hope for genuine OS security unless and until one is
willing to put in some serious time studying the subject -- since, as
Bruce Schneier says, security isn't a product; it's a process.

http://www.counterpane.com/crypto-gram.html

-- 
Cheers,                              "Open your present...."
Rick Moen                            "No, you open your present...."
rick (at) linuxmafia.com             Kaczinski Christmas.
               --  Unabomber Haiku Contest, CyberLaw mailing list




More information about the buug mailing list