Re: ideal OS distro for network scanning?

From: wrhaynes@gmail.com
Date: Sun Jan 15 2006 - 13:37:47 EST

Next message: michele dallachiesa: "hopfake-2.0.BETA5 released"
Previous message: Michael Scheidell: "RE: ideal OS distro for network scanning?"
Maybe in reply to: offset: "ideal OS distro for network scanning?"
Next in thread: Pete Herzog: "Re: ideal OS distro for network scanning?"
Reply: Pete Herzog: "Re: ideal OS distro for network scanning?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) Well the most secure OS is going to be the one that you patch and update, not necessarily OpenBSD. I used to be an OpenBSD fan but no longer because I've been using FreeBSD for over 4 years now with 0 regret. FreeBSD is much more useable and actually remendously easier to upgrade/patch because of the great ports system. And for the most part, it's the applications that are vulnerable not the OS so which distro is more of a specific questiong that you need to dial in on. BSD in general is probably a small notch above the rest and using a 'server-install' of something like Ubuntu which maintains and distributes rigorous updates instantly, you'll also probably find exactly what you're looking for.
-Securing it would be best to just do the most minimal installation possible and install ONLY what you need.
-Optimize the kernel
-Install Firewall with strict rules,
-Keep the box up to date...

All of these things can be done best with FreeBSD or Ubuntu for example. I choose Ubuntu over Debian because they sync and stabalize code from Debian's "Unstable" tree which means the apps are WAY more current.

I choose FreeBSD over OpenBSD/NetBSD/Dragonfly because of cvsup and portupgrade. Portupgrade let's the you build EVERY installed app from new patched/updated source from the cvs servers. Which with a good kernel setup, gives you a killer performance machine WITH all of the latest patches. Kernel config is much easier in BSD IMHO, but no too difficult wherever you go.

--Bill

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Next message: michele dallachiesa: "hopfake-2.0.BETA5 released"
Previous message: Michael Scheidell: "RE: ideal OS distro for network scanning?"
Maybe in reply to: offset: "ideal OS distro for network scanning?"
Next in thread: Pete Herzog: "Re: ideal OS distro for network scanning?"
Reply: Pete Herzog: "Re: ideal OS distro for network scanning?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:22 EDT