Re: A question of Security

Alan Cox (alan@lxorguk.ukuu.org.uk)
Thu, 16 Dec 1999 13:20:08 +0000 (GMT)


> articles, papers etc that compares the security of a linux server against
> the security of a box running Solaris and other common Unix
> Operating systems. Can anyone help by pointing me in the right
> direction, or sending me material to use in the defense of Linux?

They are actually all basically the same. There are Linux firewalls with
certifications for example.

If you are building a web server you need at minimum to have firewalling on it,
some kind of encrypted login (forget telnet across the internet backbones
people _do_ sniff packets off most major ISP's and will steal your password).
You probably also want to get some kind of monitoring tools for spotting
potential intrusions and unusual traffic patterns

You can get all of these for all Unix systems, and for a typical business web
server if you get the firewalling/encrypted access right 99.9% of your risk
will be badly written cgi scripts, including stuff people have paid for

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu