Novell Adding to OSS ' SUSE gets more secure
Results 1 to 8 of 8

Thread: Novell Adding to OSS ' SUSE gets more secure

  1. #1
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177

    Novell Adding to OSS ' SUSE gets more secure

    http://news.com.com/Novell+taps+open...3-5575225.html


    For Novell, security and open source belong together.

    The Waltham, Mass.-based company said Monday that it will submit the programming interfaces for eDirectory to two open-source projects, allowing developers to use Novell's directory program to authenticate network access. Novell also detailed a partnership with Linux security company Astaro to create a security appliance that runs Novell's SuSE Linux operating system.

    The announcements were made in conjunction with this week's RSA security show in San Francisco and LinuxWorld conference in Boston.

    The submitted code is required to use security-related services in Novell's eDirectory, which forms the basis for Novell's suite of identity management software. The contributed software will be managed by the FreeRadius and Samba open-source projects.


    Novell has a well-established portfolio of network security-related products, which it sells under the Nsure brand. In 2003, it acquired open-source companies SuSE Linux and Ximian in an effort to tap into growing interest in open-source software.

    Heh, hey there RedHat, hear that? I think it's a bell. Someone is getting schooled.

  2. #2
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    The fourth version of Red Hat's software uses the 2.6 kernel for the first time. This improves general performance, I/O functions, networking, memory and storage. It also includes "Security-enhanced Linux" developed with the US' National Security Agency. The firm is also extending support from five to seven years in response to customer requests.


    -Maestr0

    http://www.theregister.co.uk/2005/02/14/redhat_four/
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  3. #3
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177

    Talking

    I was gonna say...SE Linux is, IMHO, a much bigger deal than OSS for Suse. Not trying to knock Suse, but SE Linux opens up the potential for Linux to be used in a hell of a lot more Government and restricted environments.

    Just my $0.02. I think they all suck. BSD FOREVER! YYYAAAAAAAAaaaaaaaaaaaaa.............(mmphhhh) <<sounds of ZC being eaten by the unwashed Linux heathens!>>
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  4. #4
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Maestr0, Does RedHat use a Custom compile on the Kernel to prevent Buffer Overflows like SUSE has not got in 9.2?

    and ZenCoder, This is somewhat secret, but SUSE from what I've seen, is in more Government installs than SE Linux. I can verify it's used in the DoD, and in both federal and local. And so is BSD.

  5. #5
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    Suse 9.1 supported the NX (No execute) for x86_64, and Suse 9.2 has added that support for the x86. RedHat has supported NX,stack protection (called ExecShield), and PIE (Position Independent Executables) since Red Hat Enterprise Linux 3 - Update 3. That being said, I do prefer Suse to RH, but I'll take Debian over both of them.

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  6. #6
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    But I'm not talking about Enterprise here. For the price of RedHat Enterprise, I could get about 5 copies of SUSE Enterprise.

    Which SUSE Enterprise was given the highest award in security of any Linux. That was last year sometime?

    In this part though, I was talking about the Desktop versions. Not Corporate. Which yes RedHat has quite a few things for their customers, but in terms of which is most secure, well, can you update RedHat before it's even been booted up? Is X listening on Redhat by default? SUSE has harden_suse and Bastille. And has nothing that can be accessed by default. The firewall is on by default.

  7. #7
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    Originally posted here by gore
    and ZenCoder, This is somewhat secret, but SUSE from what I've seen, is in more Government installs than SE Linux. I can verify it's used in the DoD, and in both federal and local. And so is BSD.
    As someone that daily interfaces with both the DLA (Defense Logistics Agency) as well as DLIS (Defense Logistics Information service) (both under DoD), I can't say I have seen ANY specific official preference for any Linux. The IA (Information Assurance) control publishes an IT solutions document which names approved software for workstations and servers among many others.
    For workstations NO Linux is approved and for servers, any "hardened" Linux used as specified by NSA guidelines. Of course any Linux with SE Linux fittings can make the grade as SE being an
    NSA pet.

    That being said, I have seen many flavors of both Linux and BSD in use but usually in association with heavily contracted projects.

    Will be interesting so see if there are even any STIGs for Linux or BSD.

  8. #8

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •