Re: Security followup

Subject: Re: Security followup
From: Andrew Plato <gilliankitty -at- yahoo -dot- com>
To: "TECHWR-L" <techwr-l -at- lists -dot- raycomm -dot- com>
Date: Sun, 19 Jan 2003 09:22:46 -0800 (PST)


--- Bruce Byfield <bbyfield -at- axionet -dot- com> wrote:

> In other words, you can't say that this Linux machine is more secure
> than that Windows machine simply because of its operating system. The
> individual configuration of each machine needs to be taken into account.
> However, you can say - along with the majority of veteran system
> administrators - that, overall, Linux has the POTENTIAL for greater
> security. Its features and the approach to security taken by its
> development community help to ensure that.

First, I don't think there is any empirical evidence out there that says a
"majority of veteran system administrators" consider Linux to have more
security "potential.

Furthermore, I don't know what "security potential" is. I spent four months
studying for a CISSP and never once did we discuss "security potential."
I assume this term refers to the "ability to make something secure."

If that is the case, than this is a totally meaningless term. Any machine that
is turned off and placed in a vault at Fort Knox is tremendously secure. In
that sense, EVERYTHING has a high degree of "security potential." Armed with
enough resources, anything can be made secure.

Furthermore, the overwhelming number of security programs written for Windows
suggests that it is actually "easier" to secure a Windows system. For example,
there is, to my knowledge, no automated intrusion protection technology that
runs on Linux. A technology that can respond in real-time to intruders and
block them. Some people have come up with highly modified versions of Snort
that can do this, but it is hardly "easy" to implement those technologies.

ISS actually used to have a Linux agent that did this, and they cancelled it
because nobody bought it.

So once again, we're operating on faulty assumptions. I have secured pretty
much every platform there is. And honestly, Windows boxes are a snap to secure.
Most Linux distributions take a lot longer because you have to research open
source technologies, test them, tweak them, and wait for days to get useful
support from newsgroups and mailing lists.

Andrew Plato

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A new book on Single Sourcing has been released by William Andrew
Publishing: _Single Sourcing: Building Modular Documentation_
is now available at: http://www.williamandrew.com/titles/1491.html.

Help Authoring Seminar 2003, coming soon to a city near you! Attend this
educational and affordable one-day seminar covering existing and emerging
trends in Help authoring technology. See http://www.ehelp.com/techwr-l2.

---
You are currently subscribed to techwr-l as:
archive -at- raycomm -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- raycomm -dot- com
Send administrative questions to ejray -at- raycomm -dot- com -dot- Visit
http://www.raycomm.com/techwhirl/ for more resources and info.



Follow-Ups:

References:
Re: Security followup: From: Bruce Byfield

Previous by Author: RE: Security followup
Next by Author: Re: Security followup
Previous by Thread: Re: Security followup
Next by Thread: Re: Security followup


What this post helpful? Share it with friends and colleagues:


Sponsored Ads