[lug] Security Issues: Linux vs. FreeBSD
marvin at netinfra.net
Mon Mar 6 17:28:59 MST 2000
Scott Saad wrote:
> Hi everybody. Recently, our mail server, which happens to be running Red
> Hat Linux 6.0, was attacked by some script kiddy. My co-employee is a BIG
> fan of FreeBSD. He assures that if we were running FreeBSD instead of Linux
> this hack could of been avoided (he's also bias because he feels a bit more
> administratively confident with FreeBSD). I'm trying to convince him
> otherwise by letting him know that the problem is not Linux itself... it's
> just that our policy needs to be tightened up.
> I wanted to get the lists' opinion on security between FreeBSD and Linux.
> Is FreeBSD generally more secure? I'm relatively new to this list so if
> somebody could point me to some documentation regarding this issue, I would
> greatly appreciate it. I don't want to have to say good-bye to the Linux
> box... that's just no fun at all.
FreeBSD is no more secure than Linux, generally speaking. OpenBSD, on the
other hand, is the only version of UNIX that I am aware of which has a stated
goal of top notch security right out of the box, and is secure enough that the
DoD has begun using it.
However, Linux, especially RedHat Linux, tends to be insecure right out of the
box, simply due to a large number of unnecessary services right out of the box
being turned on. Tighten up the policies, and I'd pit FreeBSd against Linux
for security any day.
More information about the LUG