Re: Newbie: RedHat 8 or OpenBSD??

From: Ryan Parr (ryanparr@thejamescompany.com)
Date: 11/01/02


From: "Ryan Parr" <ryanparr@thejamescompany.com>
To: <security-basics@security-focus.com>
Date: Thu, 31 Oct 2002 19:48:15 -0800


> As to which version is 'more secure', that is (IMHO)
> entirely subjective and dependant on the experience of those that will
> be setting up and managing the server(s).

No argument here. No matter what experiences anyone else
has had, YMMV. You'd probably do best to perform an install
of both OS's and see which fits your needs best.

I've run both Redhat and OpenBSD for web servers. I actually had
more difficulty with Redhat than OpenBSD.

The OpenBSD team has performed a near superhuman feat in
their exceptional man pages, and you will honestly find *everything*
you need in them. They have greatly reduced the voodoo of the
*nix's. OpenBSD also installs the minimum you need to
have a secure, functioning server while Redhat's packaged
configurations can get pretty bulky and you may have to spend
some time taking things away to harden it. With OpenBSD you
have to add things to un-harden it :)

Redhat has very broad industry support, and
it's certainly easier to use RPM than OpenBSD's ports collection.

You just can't make an educated decision without trying them
both out. Take a couple weeks to test them. Try to break them.
It's worth your trouble.

----- Original Message -----
From: "Michael Vaughan" <list@predator-hunter.com>
To: "'GSG Designs'" <gsgdesigns@hotmail.com>
Cc: <security-basics@security-focus.com>
Sent: Thursday, October 31, 2002 10:52 AM
Subject: RE: Newbie: RedHat 8 or OpenBSD??

In answer to your question..."It Depends".

It will depend on how experienced your engineers are with Linux.
OpenBSD can be a pain to install and configure. RedHat on the other
hand is comparatively easy to setup. OpenBSD from what I understand is
the most secure version out of the box but again securing it 'could' be
a pain. However, you can get scripts to harden Redhat fairly well. In
addition, You CAN further Harden Redhat by patching the Kernel:
http://www.nsa.gov/selinux/index.html thereby further hardening the
Linux server. As to which version is 'more secure', that is (IMHO)
entirely subjective and dependant on the experience of those that will
be setting up and managing the server(s).

Regards,
-Michael Vaughan
mvaughan@predator-hunter.com

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/GMD/GO d+ s+:+ a32 C++ UL+++ P+ L+++!E W+++ N++ o- K- w++++ O- M+ V
PS--- PE+ Y+ PGP++ t+++@ 5-- X++ R- tv b++++ DI+++ D--- G++ e* h-- r--
z++
------END GEEK CODE BLOCK------

The information contained in this message may contain privileged and
confidential information and is intended only for the internal company
use of the individual or entity named above. If the reader of this
message is not the intended recipient, or the employee or agent
responsible to deliver it to the intended recipient, you are hereby
notified that any examination, distribution or copying of this
communication is strictly prohibited. Furthermore, any and all
recipients of this message are prohibited from engaging in the
unauthorized dissemination of the information contained herein to
person(s) outside the company. If you have received this communication
in error, please notify sender immediately.

-----Original Message-----
From: GSG Designs [mailto:gsgdesigns@hotmail.com]
Sent: Wednesday, October 30, 2002 3:56 PM
To: security-basics@security-focus.com
Subject: Newbie: RedHat 8 or OpenBSD??

I'm fairly new to this, so please bare with me. If this question has
been
asked in the past, I apologize. I'm new to the listserv as well.

We are discussing starting our own web server. There is debate on
whether
RedHat 8 or OpenBSD is more secure. What are your thoughts? We will be

doing online orders with credit card info, etc. Do you have any
resources
to point us to? (We will be running Apache, probably a 'duh'.)

Thanks.

_________________________________________________________________
Broadband? Dial-up? Get reliable MSN Internet Access.
http://resourcecenter.msn.com/access/plans/default.asp



Relevant Pages

  • Re: Newbie: RedHat 8 or OpenBSD??
    ... Openbsd just haven't all the features tha a redhat linux box has. ... That doesn't make it more secure. ... So if you run apache webserver and there is an apache exploit ...
    (Security-Basics)
  • RE: Newbie: RedHat 8 or OpenBSD??
    ... As to openBSD is more secure, I think your opinion is flawed heavily. ... As for auditing, almost evertything goes under an audit at one point or another, so why do we have security issues? ... Subject: Newbie: RedHat 8 or OpenBSD?? ...
    (Security-Basics)
  • Re: A Few Noob Questions.
    ... So it's okay to run sendmail for security reports etc? ... A fresh OpenBSD install disable these incoming connection by default unless you allow them? ... tweak the system to make it secure. ... - the base system, including external packages like httpd and named, has ...
    (comp.unix.bsd.openbsd.misc)
  • Re: Firewall - Limit Geographic Area
    ... Firewall - Limit Geographic Area ... > times more secure than a Microsoft Windows machine can be). ... Redhat is conservative about what they release ... > - do not reuse passwords between your server and, say, random ...
    (RedHat)
  • Re: OpenBSD says secure levels "useless"
    ... it's one of the most secure OS's period. ... from slinging mud at OpenBSD, all of what we say ... But given OpenBSD's imperative of security out of the ... product, it is one of my favorite Unix varients, and the only Unix varient ...
    (comp.os.vms)