All that being said Jean is a security expert and knows what to look for. If you would like a good starting point for good security OpenBSD is a good start. If you must have/want Linux then Debian would be my next suggestion. So if your not a security expert like Mr. Francois is, you would probably want to use one of the above as a better starting point than Mandrake or RedHat. Just my $0.02 Bill Warner "J.L.Francois" wrote: > It seems like on Tue, Jul 04, 2000 at 04:15:15PM -0700, The Wolf scribbled: > Orig Msg> I have been using Mandrake for quite some time. > Orig Msg> > Orig Msg> But since they have been pronounced the easiest > Orig Msg> distro to break into I would like to know what > Orig Msg> would be the hardest dirstro to break in. > Orig Msg> > Orig Msg> > Orig Msg> -- > Orig Msg> The Wolf > > You are asking the wrong question. > > Even OpenBSD which is touted as secure out of the box > has CERT advisories that mention it that come out once > or twice a year. > > There are no guarantees against buffer overflow attacks. > There are no guarantees against backdoors or Trojans. > There is no such thing as a secure system. > Security is not a "fire and forget" operation. > Security takes constant vigilance, planning, and learning. > > MagusNet, Inc. firewall rules and configs are constantly > reconfigured based on attack signatures for each day. > Every part of my hybrid firewall config is custom and looks > nothing like what would come out of any distribution. > There is no way *any* vanilla distro could account for > the number and types of attacks I see in a 24 hour > period due to running a Public Proxy. > > For the record I haven't had any system I personally > connected to the Internet get compromised over the > last 3 years, that tells me I am due, not that I am > better than the crackers. > > The most secure distro is the one you set up and test for yourself > for the paticular requirements of your network. > The hardest system to break into is the one that provides the least > amount of services to attack and causes the most amount of time > to be wasted during the attack. > It has to be constantly monitored and dynamic enuff to change > as the threat changes. > > Its kinda like car theft, make your system least likely to be attacked > by installing the tools to make the life of a cracker miserable and > frustrating. Script Kiddies need not apply. > > All of the above are concerns no matter what distro or Operating > System you happen to be running. If anything the distro is irrelevent. > If you are waiting for someone else to do it for you, you will > be waiting a long time. > > Jean Francois Sends... > President & CEO - MagusNet, Inc., MagusNet.com, MagusNet.Gilbert.AZ.US > Director Of Managed Services - OpNIX,Inc., www.opnix.com > OpNIX - Simply Better Bandwidth > 602-770-JLF1 - Cellular, ICQ: 8137851 > > _______________________________________________ > Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss