l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2001 Dec 30 17:03

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Re: OpenBSD and Security
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Re: OpenBSD and Security

Sounds like a different philosophy to me.  Openbsd provides minimal
functionality by default, but allows users to add there own via
the PORTS collection.  Redhat includes a wide range of network services
by default, requiring tweaking a GUI tool to get them to start on

Redhat has security auditors, and contributes patches to numerous tools.

So if you need a DNS server, you installed openbsd, then installed
ISC's named from ports you have the same DNS security problems of the
rest of the world:

Similar with ftpd I.e.:

So as long as your smart enough to enable only what you need the
security isn't any different.

For the most part openbsd seems to follow the same
OhMyGodThereIsAnotherRootExploit and issues patches accordingly.

Not that openbsd isn't a fine unix distribution, I just fail to
see this "huge" security difference just because the exploitable
programs are in PORTS instead of installed by default.

Personally I like redhat simply because it has good functionality
out of the box, offers significantly more verification/coverage testing
then other distributions I've used (mandrake, slackware, even the old SLS),
and they get the security patches out usually within 24 hours minimizing
my security exposure.

Often redhat has to "reissue" patches because they receive wide
publicity months after redhat patches them.  For instance the April 1st
adore virus uses an exploit that was patched in October 2000.


LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!