It does - if you don't have (possibly) compromised SSH keys lying around.. I did have several, and had to update them all - manually - and even cursed a bit..
You had to wait for this morning's upgrade: compromised RSA keys blacklist... Sorry to hear you got angry in the "cleansing" process ^_^ (really love Japanese emoticons)
I have a Debian-based firewall; I chose Debian because I think it's one of the most secure distributions because of its updating policies and because it comes only with basic commands and tools, without useless stuff that is not necessary on a server system.
So, the fewer services I have installed, the fewer vulnerabilities I get! :)
Fewer services does not necessarily mean more secure. It does possibly mean less risk though.
See the link below, a case in point of distro maintainers thinking they can fix bugs in other projects and causing more issues, specifically Debian and other distros based on it.
You are right about the Debian case with OpenSSH, and for a certain kind of software maybe it is preferable not to 'create' your own version, but to use the standard, worldwide-used version.
Regarding services and vulnerabilities, if I have to improve security on a system, first of all I remove all unnecessary services that come with it. I don't mind if they are secure or not, but if I don't need them I just remove them.
Supposing that necessary services are very well configured, the only risks I can get with them come from vulnerabilities.
I think about it in a statistical way: the more services I have installed, the higher the probability of having a vulnerability-related problem. (Then if you are really unlucky maybe the one service you have installed could be vulnerable too :) )
Obviously in my opinion.... :)