Ok I should have been a little more specific when asking the question so please let me rephrase it: Which distribution offers the best support when it come to keeping packages up to date, when it comes to security? The Wolf -> -----Original Message----- -> From: J.L.Francois [mailto:frenchie@magusnet.gilbert.az.us] -> Sent: Tuesday, July 04, 2000 5:06 PM -> To: plug-discuss@lists.PLUG.phoenix.az.us -> Subject: Re: Secure Linux Distro -> -> -> It seems like on Tue, Jul 04, 2000 at 04:15:15PM -0700, The -> Wolf scribbled: -> Orig Msg> I have been using Mandrake for quite some time. -> Orig Msg> -> Orig Msg> But since they have been pronounced the easiest -> Orig Msg> distro to break into I would like to know what -> Orig Msg> would be the hardest dirstro to break in. -> Orig Msg> -> Orig Msg> -> Orig Msg> -- -> Orig Msg> The Wolf -> -> You are asking the wrong question. -> -> Even OpenBSD which is touted as secure out of the box -> has CERT advisories that mention it that come out once -> or twice a year. -> -> There are no guarantees against buffer overflow attacks. -> There are no guarantees against backdoors or Trojans. -> There is no such thing as a secure system. -> Security is not a "fire and forget" operation. -> Security takes constant vigilance, planning, and learning. -> -> MagusNet, Inc. firewall rules and configs are constantly -> reconfigured based on attack signatures for each day. -> Every part of my hybrid firewall config is custom and looks -> nothing like what would come out of any distribution. -> There is no way *any* vanilla distro could account for -> the number and types of attacks I see in a 24 hour -> period due to running a Public Proxy. -> -> For the record I haven't had any system I personally -> connected to the Internet get compromised over the -> last 3 years, that tells me I am due, not that I am -> better than the crackers. -> -> The most secure distro is the one you set up and test for yourself -> for the paticular requirements of your network. -> The hardest system to break into is the one that provides the least -> amount of services to attack and causes the most amount of time -> to be wasted during the attack. -> It has to be constantly monitored and dynamic enuff to change -> as the threat changes. -> -> Its kinda like car theft, make your system least likely to -> be attacked -> by installing the tools to make the life of a cracker miserable and -> frustrating. Script Kiddies need not apply. -> -> All of the above are concerns no matter what distro or Operating -> System you happen to be running. If anything the distro is -> irrelevent. -> If you are waiting for someone else to do it for you, you will -> be waiting a long time. -> -> Jean Francois Sends... -> President & CEO - MagusNet, Inc., MagusNet.com, -> MagusNet.Gilbert.AZ.US -> Director Of Managed Services - OpNIX,Inc., www.opnix.com -> OpNIX - Simply Better Bandwidth -> 602-770-JLF1 - Cellular, ICQ: 8137851 -> -> -> _______________________________________________ -> Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us -> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss ->