[Dshield] Re: Flavors of Linux

Mar Matthias Darin BDarin at tanaya.net
Sun Oct 3 03:23:31 GMT 2004


Hello, 

I have looked over all the major brand and still do...  Here's my opinion 
(based upon usage): 

Slackware seems to be the most resilient and the closest to traditional UNIX 
at this point.  Its my current base.  I've stuck with slack for 5 years now, 
starting with 2.0.32, now I run 2.4.22.  All my kernels start out as stock, 
then I mod them myself....  hardening them....  In the 5 yrs that I have 
been using it, security has been the strongest.  SlackWare is not as easy as 
others to setup though.  It (as of my version) required a little technical 
knowledge to get running right.  But, IMHO, well worth the effort.  I run 
all the below on ONE CPU (K6 athlon 1.7G, 2G ram, 300G HD): 

5 IP addresses, One per domain/5 full domains. each domain has all standard 
services (FTP/HTTP/SMTP/DNS/WebMail).  Its also the default gateway to 10 
cpus on a lan, full automated backup of itself and all machines on the lan.  
Full multilayered security for Firewall/email.  Email scans every peice with 
four seperate scanners. 

The machine has excellent performance under the highest loads...  I've pushd 
my load as high as 228. 

RedHat: you couldn't give me one of these...  I don't like any company that 
dumps its costomers.  I don't like the layout of the /etc/rc.d/init.d 
areas...  The only good thing here, IMHO, is the automatic update feature. 

I've seen many good things on the Debian side...  Looks like a good system, 
just not as generic as I wanted.  I have many associates that rave over it. 
Debian has one of the best autoupdates going....  This is a sweet spot here. 

BSD (Free/Net/Open)...  Tried it and for me, wasn't UNIX enough.  Excellent 
security   Its seemed more proprietary then Debian though.  NFS is sweet 
here...  real stable and smooth. 

SELinux: Can't tell you...  I never can get the thing to compile right...  
Always breaks and the dates on the web page seem to suggest it isn't updated 
often.  Last update was Jan/01/2004... 

Mandrake: RedHat based...  enough said.... 

I have not used any of the lesser systems like dragon/tri/true64/dsl (damned 
small linux) and such, but each seem to have their merits.  You'll find a 
load of variants on the web... 

My rankings are: 1 - SlackWare, 2 - Debian, 3 Any of the BSD series. 

The point that is going to be your bottleneck is maintainability.  Debian is 
the best, IMHO, for the autoupdaate, SlackWare is the best for the "grind it 
your self" approach.  BSD fall roughly mid-way. 


Hope this helps... 


Shane Presley writes: 

> I was wondering if anyone had any comments on the security of various
> flavors of Linux? 
> 
> I realize it's a vague question.  The security of an OS depends
> primarily on system hardening.  But I'm wondering if in general, one
> vendor is known for providing a more stable/secure OS, especially
> regarding patches/updates. 
> 
> We are 95% Solaris , but want to use Linux for some new applications. 
> Our Unix SA's are leaning towards Red Hat Enterprise Linux ES 3, and
> I'n not one to argue (I've never touched a Linux machine).  But I
> wanted to see what this group thought. 
> 
> Thanks,
> Shane
 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20041002/281fd623/attachment.bin


More information about the list mailing list