Re: Please Help!
From: Thomas Vincent (thomasv_at_mac.com)
Date: 05/27/03
- Next message: Ian Gregory: "Re: Please Help!"
- Previous message: Steve: "Please Help!"
- In reply to: Steve: "Please Help!"
- Next in thread: Ian Gregory: "Re: Please Help!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 27 May 2003 16:58:21 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Steve,
IMHO, Linux security is flat out better then Windows 2K/XP. The
Security in Win95/98/Me is a joke.
Windows 2k, and XP have some good points in terms of security:
1.) Excellent auditing, you can get to the point where you have to
much logging under Windows 2K or XP.
2.) RBAC - Role Based Access Control - Windows XP gives you hybrid
RBAC/DAC model of security. Windows does allow you to have
granularity when I assigning privileges to a user.
Windows 2k suffers from:
1.) Bad Coding - Microsoft is constantly releasing security patch's
for the OS. Sometimes these security patch's crash the OS. In a
server environment that is unacceptable.
2.) No open standards - Microsoft's security solution is to use other
Microsoft products. Eg. Active Directory. Open standards can be
looked at and debated by everyone. Close standards cannot.
3.) Security is not something you see by default. You have to follow
NSA guidelines to secure the system. Even then it is questionable
whether the system is secure due to issues with Microsoft's OS, not
the NSA guidelines.
Linux has a lot going for it:
1.) Various options for security models (DAC & MAC.)
2.) Use of open standards.
3.) Trusted implementations that meet the requirements of the Common
Criteria standards (successor to the orange book.) Yes, Microsoft
Windows NT met the orange books standard, and 2k met Common Criteria
standard. But Windows NT could not meet it when it was networked.
Windows 2K's certification had similar issues. Do a google search for
the http://theregister.co.uk/ article on subject.
4.) Known implementations of encryption that are open to peer review.
SSL is great, but only if you implement it right. In open source, you
can be sure that people have reviewed it for quality.
Linux suffers from:
1.) Bad coding - Being open source these bugs are caught quicker, and
fixed quicker.
2.) Distributions that install the kitchen sink by default.
3.) Security is not something you see by default. You have to run
Bastille or something along those lines to secure the system.
Maybe not so much in Linux, but in OpenBSD you see security
innovations happen long before they come out of Microsoft. Also a lot
of the time Microsoft's security issues can be blamed on
inexperienced administrators. Who do not patch there systems or
bother to lock them down after the default install. But Linux is
still has a lot more going for it in terms of security then Windows
does.
Cheers,
Thomas Vincent
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQA/AwUBPtOZF7invnTMZ1jLEQJk5wCfbdW59mXKfJfnewAoGiY+5HrItNUAni7B
meBNREAQd8R6C5O6wbLklEFy
=c8W8
-----END PGP SIGNATURE-----
- Next message: Ian Gregory: "Re: Please Help!"
- Previous message: Steve: "Please Help!"
- In reply to: Steve: "Please Help!"
- Next in thread: Ian Gregory: "Re: Please Help!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
