Re: Comparing Windows Bastions to Linux Bastions

• Previous message: David Moisan: "RE: tools used to examine a computer"
• In reply to: BYRD,GREGORY (HP-Boise,ex1): "Comparing Windows Bastions to Linux Bastions"
• Next in thread: Ivan Hernandez: "Re: Comparing Windows Bastions to Linux Bastions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 25 Feb 2003 15:59:06 -0800
From: Chris Travers <chris@travelamericas.com>
To: "BYRD,GREGORY (HP-Boise,ex1)" <gregory.byrd@hp.com>

Hi Gregory;

The O'Reilly book "Building Internet Firewalls" has a good section on
Windows and *nix bastions.

My own perspective is that Windows hosts tend to be more complicated
from a security perspective because of hidden dependencies, etc (for
example does your web app require COM+? How do you know?), and the
secure administrative interfaces tend to be more complex as well. This
is a problem for Windows. Also, remember that most Windows Updates
require a reboot, while most updates on *nix systems require that a
specific service is restarted.

However, a large percentage of security incidents are preventable by
good administration practices. So, the admin is more important than the
platform.

Just my 2 cents worth.

Best Wishes,
Chris Travers

BYRD,GREGORY (HP-Boise,ex1) wrote:

>Everyone,
>
>I'm looking for information comparing Windows Bastions to Linux Bastions
>(positives and negatives). I've looked through the list archive, as well as
>plundered through Google (web and groups), but nothing worthwhile.
>Hopefully someone on this list knows or has a document that can help.
>
>Thanks in advance,
>Greg
>
>
>
>
>
>
>
>

• Next message: Bram Van Dam: "RE: e-mail policies"
• Previous message: David Moisan: "RE: tools used to examine a computer"
• In reply to: BYRD,GREGORY (HP-Boise,ex1): "Comparing Windows Bastions to Linux Bastions"
• Next in thread: Ivan Hernandez: "Re: Comparing Windows Bastions to Linux Bastions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]