[Dshield] OT - to Antti - Is this normal?

Johannes Ullrich jullrich at sans.org
Tue Jun 25 18:00:03 GMT 2002

  I think I will cut this thread off officially, unless someone has something
more security related to say. To 'cap it off', my quick rundown on operating 
systems... (remarks, flames, comments please to myself directly only):

  First of all: The trick to run a small home/company network with limited
resources securely is focus. Decide on an operating system, maybe two, and
learn them well. (e.g. Windows XP for desktops, Linux for clients). Don't
switch operating systems or other software too often. Rather than finding 
the 'safest' (a futile task in my opinion), try to learn how to run the one
you have well. 

  My own opinion regarding different Distros/Operating Systems:

- Windows XP/2000: probably good for an office desktop environment.
  I don't like it for servers. But other people have great success with it.

- Linux: my favorite for everything these days. With Ximian, RedHat and
  Open/Staroffice it is a good desktop contender as well.
  If you just get started with Linux, go with RedHat. While this is great
  flamewar material, I prefer RedHat because 1) I know it 2) its up2date
  service takes care of most of the simple but time consuming updates
  3) if there is a problem, it is easy to get help 4) there is always 
  RedHat that will help you if you throw some money at them.

- Free/Open/NetBSD: I realy don't know enough about them to comment. 
  They are said to have better network performance. But I don't see
  as much support for them as for Linux. However, as Linux becomes more
  mainstream, the geek crowd is switching to BSD.

- Solaris: I did try it on x86 hardware and sparc hardware. Its bad on 
  the first and rocks on the second. However, I don't see its advantage
  over Linux these days. In partiuclar if you are looking at 'regular'
  hardware (<=4 CPUs, <= 16 GByte RAM). However, if you have a Sun Fire
  that collects dust: I will take it gladly of your hands. 

- other *IX: don't have the time/space to comment here... they are good
  for some special applications or special hardware.

jullrich at sans.org             Collaborative Intrusion Detection
                                    join http://www.dshield.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20020625/baabf42b/attachment.bin

More information about the list mailing list