Slashdot Mirror

← Back to Stories (view on slashdot.org)

Battle of the Secure Distros

Posted by michael on from the when-openbsd-just-won't-do dept.

CrazyEd writes "LinuxSecurity is reporting that EnGarde Secure Linux has received the Network Computing Editor's Choice award to win the battle of the Secure Linux distributions. Well deserved, me thinks." Update: 06/10 15:16 GMT by T : An anonymous reader points out that Linuxlookup.com reviewed this distro last week, awarding it a perfect score.

5 of 158 comments (clear)

  1. Admin by sofist · · Score: 5, Insightful

    A distro is (or any software for that matter(yes Windows to)) only secure if the admin who runs the distro knows what is he doing.

    1. Re:Admin by alapalaya · · Score: 5, Insightful

      I disagree with you. I think that to be a good sysadmin is quite difficult and requires a lot of study, trial and error and passion. (Please note, I'm not a sysadmin, even if I can accomplish the easier sysadmin tasks).
      In particular, you must know in deep detail all the technologies involved in a complex networking environment (they are countless: DNS, email, NEWS, NIS, LDAP, routing, and so on...).
      It is difficult to barely know all of them, and to secure an installation you must know them good. And this is no easy...

      Of course I agree with the point that the software must be "secure-able", otherwise you can be the best sysadmin... you system will always be full of flwas if the software you are using is bugged (...who said something about the windows?...).
      Cheers

      --
      667 The Neighbour of the Beast
    2. Re:Admin by fruey · · Score: 5, Insightful
      The key is this: there are too many admins who patently don't know what they're doing, and some who will even admit it.

      I spend a lot of time with other people's networks, and have yet to see one which stands up to how I would run my network. That's how I make money, incidentally - fixing other people's networks and securing them where possible.

      A guage of how secure things are out-of-the-box is important. Some people will never switch off the default daemons, etc. Some people insist on using some Microsoft DCOM rubbish and opening holes over their firewalls to do it because they can't do anything else. They don't know how and don't care to know.

      So, this kind of survey is important for those lesser admins who are probably not geeks and just trying to hold on to their jobs. Perhaps they are good at other things and valuable for the company, and the same is too tight to invest in a proper sysadmin so they dump him the job because he can hack a few basics together and get it to work.

      All those of you saying "RedHat isn't secure out of the box" and all that OpenBSD stuff are already enlightened. These surveys are not for you. They are for all those other readers who don't fathom why you're mentioning OpenBSD in the first place.

      --
      Conversion Rate Optimisation French / English consultant
  2. NSA not even mentioned. by bodin · · Score: 4, Insightful

    Interesting that the NSA security enhanced linux is not even mentioned.

    http://www.nsa.gov/selinux/

    --
    I vote for OpenBSD

  3. RedHat by ranulf · · Score: 4, Insightful
    It's a shame given how easy it is to make a RedHat box secure that they don't just do it by default.

    Because I'm always installing Linux for clients, RedHat is always specified, so I have no choice, but I've got it down to taking about 10 minutes to have a really secure box. It's just a case of knowing what needs to be done, which sadly, Linux newbies won't know.

    In my opinion, security should be paranoid to start with. If that stops the users from doing something, fine. They'll have an incentive to try and figure out how to allow what they wan to do. Make it too easy, and they'll just live in blissful ignorance.