Re: Red Hat vs Debian Linux: overall security
- From: jm <jm@xxxxxxxxxx>
- Date: Thu, 30 Nov 2006 11:19:14 +1100
A quick trawl through my AUSCERT advisories from 05/05 - present day shows the following results on subject searches:
Debian: 473
DSA (debian security advisories): 180
Redhat: 147
I went to the Open Source Symposium recently (thanks for the psp!) which was sponsored by Red Hat. They provided some interesting statistics regarding security issues, make of them what you will, but I found them quite interesting. Anyways here's a few of them:
70% of all attacks are now targeted at applications, not operating systems
41.7% of reported CVE vulns are stopped by ExecShield
Time taken to fix critical flaws from the time its available to the public till the time its fixed:
0 day - 73%
1 day - 95%
2 day - 100%
I don't have a great deal of exposure to debian, however I doubt that either distro is inherently more insecure than the other.
--jason
PS. I'm in no way affiliated or associated with RedHat, merely an end user.
tjanas@xxxxxxxxxxxxx wrote:
I am evaluating the overall security of Red Hat linux vs Debian. I've been told that Debian has many more vulnerabilities than Red Hat. I've also been told that Red Hat is quicker to release security patches than Debian is for the "stable" release. Can someone point me to a good overall assessment of the two? Using this tool: www.securityfocus.com/bid I see that Debian has 17 pages worth of issues but Red Hat has surprisingly few. Am I misinterpreting the results from this tool?
- References:
- Red Hat vs Debian Linux: overall security
- From: tjanas
- Red Hat vs Debian Linux: overall security
- Prev by Date: Re: Red Hat vs Debian Linux: overall security
- Previous by thread: Re: Red Hat vs Debian Linux: overall security
- Next by thread: Portsentry and Snort Question
- Index(es):
Relevant Pages
|
|
