[Dshield] Re: Flavors of Linux
Mar Matthias Darin
BDarin at tanaya.net
Sun Oct 3 03:23:31 GMT 2004
I have looked over all the major brand and still do... Here's my opinion
(based upon usage):
Slackware seems to be the most resilient and the closest to traditional UNIX
at this point. Its my current base. I've stuck with slack for 5 years now,
starting with 2.0.32, now I run 2.4.22. All my kernels start out as stock,
then I mod them myself.... hardening them.... In the 5 yrs that I have
been using it, security has been the strongest. SlackWare is not as easy as
others to setup though. It (as of my version) required a little technical
knowledge to get running right. But, IMHO, well worth the effort. I run
all the below on ONE CPU (K6 athlon 1.7G, 2G ram, 300G HD):
5 IP addresses, One per domain/5 full domains. each domain has all standard
services (FTP/HTTP/SMTP/DNS/WebMail). Its also the default gateway to 10
cpus on a lan, full automated backup of itself and all machines on the lan.
Full multilayered security for Firewall/email. Email scans every peice with
four seperate scanners.
The machine has excellent performance under the highest loads... I've pushd
my load as high as 228.
RedHat: you couldn't give me one of these... I don't like any company that
dumps its costomers. I don't like the layout of the /etc/rc.d/init.d
areas... The only good thing here, IMHO, is the automatic update feature.
I've seen many good things on the Debian side... Looks like a good system,
just not as generic as I wanted. I have many associates that rave over it.
Debian has one of the best autoupdates going.... This is a sweet spot here.
BSD (Free/Net/Open)... Tried it and for me, wasn't UNIX enough. Excellent
security Its seemed more proprietary then Debian though. NFS is sweet
here... real stable and smooth.
SELinux: Can't tell you... I never can get the thing to compile right...
Always breaks and the dates on the web page seem to suggest it isn't updated
often. Last update was Jan/01/2004...
Mandrake: RedHat based... enough said....
I have not used any of the lesser systems like dragon/tri/true64/dsl (damned
small linux) and such, but each seem to have their merits. You'll find a
load of variants on the web...
My rankings are: 1 - SlackWare, 2 - Debian, 3 Any of the BSD series.
The point that is going to be your bottleneck is maintainability. Debian is
the best, IMHO, for the autoupdaate, SlackWare is the best for the "grind it
your self" approach. BSD fall roughly mid-way.
Hope this helps...
Shane Presley writes:
> I was wondering if anyone had any comments on the security of various
> flavors of Linux?
> I realize it's a vague question. The security of an OS depends
> primarily on system hardening. But I'm wondering if in general, one
> vendor is known for providing a more stable/secure OS, especially
> regarding patches/updates.
> We are 95% Solaris , but want to use Linux for some new applications.
> Our Unix SA's are leaning towards Red Hat Enterprise Linux ES 3, and
> I'n not one to argue (I've never touched a Linux machine). But I
> wanted to see what this group thought.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20041002/281fd623/attachment.bin
More information about the list