[ale] Is this BS?
Collin Pruitt
hellow at binenv.com
Thu May 22 18:11:28 EDT 2014
I agree that my statement was quite broad, however I base it off of my
personal experience. In my experience, Ubuntu holds the largest number
of Linux desktop installations outside of the enterprise market, where
obviously RHEL holds the most. Ubuntu is shipped relatively more
insecure than other Linux distros because it is oriented towards
somebody that is completely clueless as to how Linux distributions
operate. They (generally) don't know what iptables is, or SELinux, or
even what all of the various pre-installed services do. Security does
not allow for a streamlined process when it comes to users with no clue
what they are doing, so that is why I make the broad statement that most
Linux desktop installs are inherently more insecure. Because they are,
because most of them are Ubuntu or something based off of it/something
similar.
Again, all in my experience. I may very well be completely wrong because
my experience has been skewed by a good number of things.
On 5/22/2014 5:33 PM, James Taylor wrote:
> I don't believe you can make a universal statement about that.
> When I install openSUSE, by default, the firewall is on and no
> externally accessible services are available unless I enable them.
> And it is very easy to use in that configuration.
> I can't speak for Ubuntu. I don't use it.
> -jt
>
>
> James Taylor
> 678-697-9420
> james.taylor at eastcobbgroup.com
>
>
>
>>>> Collin Pruitt <hellow at binenv.com> 5/22/2014 5:21 PM >>>
> He is certainly very right about that. Most distributions that are not
> specifically designed for server usage come out-of-the-box more
> configured for usability than security.
>
> On 5/22/2014 5:10 PM, John Heim wrote:
>> I am currently talking with someone who claims Windows is more secure
>> than linux "out of the box". Is the following comment by him BS? I can't
>> find anything on google and I've never heard there is anything you have
>> to do after installing debian or ubuntu to make it secure.
>>
>>> Most distros (Debian and Ubuntu for example, as I've already pointed
>>> out) come with services running
>>> that don't need to be by default and no default block input policy.
>>> obviously this doesn't make one more
>>> secure than another, but a user needs to know to disable those, or
>>> bind them to loopback or even just
>>> protect them with iptables.
--
Collin Pruitt
"With the first link, the chain is forged. The first speech censored,
the first thought forbidden, the first freedom denied, chains us all
irrevocably." - Jean-Luc Picard, TNG "The Drumhead"
More information about the Ale
mailing list