What is the most secure (yet easy - to - use) linux server distrobution that has the highest compatibility among multiple operating systems.
Also, I would like links to the documentation for you suggestions. I'm really interested in (RTFM). :)
Printable View
What is the most secure (yet easy - to - use) linux server distrobution that has the highest compatibility among multiple operating systems.
Also, I would like links to the documentation for you suggestions. I'm really interested in (RTFM). :)
http://www.nsa.gov/selinux/
Actually, I don't know if it is the most secure for your purposes...do you intend to use it as a server, or do you just want a linux operating system? (just clarifying...sometimes people don't say what they mean)
I still don't know the answer to your question though...I suppose hardware considerations will play into your decision...along with necessary apps... depends on your needs. You will have to do a little research on your own...what is best for one is not necessarily best for another...
I use Ice Pack & Red Hat as my home distros. However, I also have systems running XP Pro & Win 2K at home and would like to network the house together and also set up a linux web server. I would like a known secure OS and I will learn more about securing it further as I go.
Well, acctually, SELinux is only the kernel. It is based on the main offical Linux Kernel, but it majorly modified for security. I would say, any distro is as secure as you make it. Any distro can be either really secure, or really insecure, depending on how you treat it. ;-)
Peace
MB
Great, am I looking for too much by asking which one would work well on a network of systems running (XP, 2K, RH9, Ice Pack)? I was thinking of having it work as a storage server making files easily accessable from all of my system. Maybe inserting 2 hard drives one for the linux partition and the other FAT so I can read it with both my nix and MS boxes. Could this system also run my web server or is that pushing it?
Also, what type of security would I get from a *nix server? I have managed both NT & 2K servers and familiar with the added security I can get by creating the domain and adding priviledges over the users on the domain level.
I would stick in another redhat server since you're already familiar with it.
Set it up with Apache as your webserver and install and configure Samba so you can use it as storage for your windows boxes (no need to create a FAT partition). You can also use NFS to export the same directories to make them easily accessable from your other un*x boxes.
That sounds great, is there any place I can download a great PDF version of the Red Hat Server guide/documentation?
What type of added security would I get from running a Red Hat Server?
Will this have any added effect over my MS boxes?
I was able to find these resources Network Install HOWTO which covers SuSE Server Setup, Redhat Server Setup, and Debian Server Setup. Are all three of these servers free of charge for home use and where can I get the ISO's. Unless these are provided in with the original software ISOs as I believe Red Hat is.
I would like to give my opinions on a few OSes I've used that are almost unparallel to the others in terms of security. Please know that I'm not saying other OSes are any worse, nor that any OS is more secure in the end than any other one. Any OS can be made just as secure as any other OS, because it is all admin based. How much the admin knows depends on how secure the OS is. I hope you find this somewhat helpful!
OpenBSD: =- http://www.openbsd.org
Not only is this secure by default, but the entire source of the system went through an Audit by the maintainers to eleminate tons of buffer overflows, tons of remote exploits, etc etc, all by themselves. Even new code that is released gets reaudited by the team to a streamlined ability. It's a killer, killer server distro of BSD that no other OS can touch in terms of *default* and *hardcoded* security. Warning, although it can be used as a desktop system, if you are a hardcore gamer stay away. On the other hand, only one remote exploit in 7 years. Hands down the best server OS in terms of security and stability.
NetBSD: =- http://www.netbsd.org
It's very similar to OpenBSD, but it's focus is more on compatibility than security. While maintaining a good amount of security, we all keep in mind the compatability motto of NetBSD: "If it runs, then it can run NetBSD."
Gentoo Linux: =- http://www.gentoo.org
Gentoo is a linux distro in it's own world. It is more secure by default than OpenBSD in terms of open ports and prerunning services. While installing it takes a bit of reading and learning of the linux command line, the amount you learn is priceless. After the installation procedure, upgrading and installign packages is as simple as : emerge gnome emerge xmms emerge kde, etc etc... which would act just like the OpenBSD portage tree! It searches the Gentoo portage tree ( a list of applications that have been ported just for gentoo and proven to be stable on it) for the needed dependencies, files, and configurations. It auto downloads it for you, configures it all for you, then compiles and installs. That simple. In terms of security it is top notch in the upgrade area. emerge -UD world upgrades your entire system from the ground up with any new packages and upgrades. So, it's a very decent, easy, and secure server to setup... while also being a very fast desktop since everything is configurable.
EDIT: I can not stress enough how important it is that the final aspects of security all come down to the admin. XP, linux, BSD, 2k... all can be just as secure as the rest if the admin has studied each equally.
pst: You're forgetting the most populair BSD, FreeBSD. If you have an Intel (or compatible) machine FBSD would be the most obvious choice. More info at http://www.freebsd.org
Excuse me for sounding a bit rude, but why is FBSD the *obvious* choice for intels? FreeBSD is the redhat of the BSD distro. It offers a ton of hardwards compatability (but not as much as NetBSD), it offers a handful of security features (but not as much as OpenBSD), and is easier to install. It's a very good choice for people who want BSD, but also want to game. This means giving up stability for speed, and security for convienence. I'm afraid it is not secure enough, at least from my experience, to act as a full time running server. A desktop, yes, but server no.
I'm looking for "secure" and "server" and must be compatible with multiple platforms.
I wonder why alot of ISPs are running FBSD if it's not secure enough?!? Please explain to me why you think it's not secure enough (give me examples!).Quote:
Originally posted here by pooh sun tzu
I'm afraid it is not secure enough, at least from my experience, to act as a full time running server. A desktop, yes, but server no.
I've been using fbsd for years and I never had any security issues with it.
What makes FBSD a great choice for servers is that it's super stable.
Cheers,
cgkanchi
By the way, you don't have to set up two partitions or hard drives, Linux and Windows will both read and write to FAT32.
And Have you ever considered Mandrake? It is actually very secure and it comes with some great packaging. Linus himself uses it on his home computer.
I have never heard anything on Mandrake except for personal preference and most people say to avoid it without giving it any details or information to back it up. Personally, I haven't een tried it, so I don't know anything about it. I use Red Hat & Ice Pack at the moment. Does Mandrake have a Server edition?
There was a discussion on this a while back. While FAT32 mounted as umsdos works fine, it's not a great idea for reasons of speed/performance.
Cheers,
cgkanchi
Actaully yes! Mandrakesoft has made desktop, server, and even firewall systems (aka a router box). Mandrake has lots of support, it is the second most supported distro in terms of software development, it also works with RPMs and has a feature similar to RedHat's app-get (on Mandrake it is urpmi). Installation is a breeze and it comes with plenty of goodies. Check it out sometime; I really reccommend it to beginners and advanced users alike.
here is a list of all the different products they make:
http://www.mandrakesoft.com/products/range?wslang=en
AFAIK, apt-get is a Debian feature. RH uses up2date. Also, a bit of trivia, the reason Mandrake is so compatible with RedHat packages is that it was once based on RedHat (upto version 5 or 6, I think).
Cheers,
cgkanchi
In the preview, on the mandrake website is shows a screenshot of Mandrake Running VMware to host WinXP. Does Mandrake come with VMware built in or do I still have to dish out the $300.00
Actually I really couldn't tell you right now. I will get back to you if I figure out but I am late for class (for the Vmware)
And cgkanchi, my bad. I have been using Knoppix-std on another system (which I reccommend Heavily) and I guess I got confused.
+1 to cgkanchi
(edit)
Hey where did you find that Screenshot, I haven't found it yet.
AFAIK, you have to dish out the moolah.
Cheers,
cgkanchi
If it was part of the package, you could just call me switched. :)
http://www.mandrakesoft.com/products/92/comparison
Vmware comes with the 9.2 Powerpack and Prosuite
$69 for the Powerpack
$145 for the Prosuite
The difference from the Powerpack and the Prosuite is that the Prosuite comes with the Dedicated Server wizard as well as all the workstation cds and Extras DVD. Check out everything at that link above. I am now seriously considering upgrading from 9.1 by buying that Powerpack.
(edit)
And just for kicks how cool is this?
http://www.mandrakestore.com/mdkinc/...G_=en#GOTO_367
Yes they even sell a Bootable Mandrake (A.K.A cd only). It is expensive but it comes with a usb key. And if you don't want that then you can buy it for $19 or just download it.
In my opinion, Mandrake now has the most complete Linux Distro line out there:
Server
Workstation
Boot only Cd Distro
Firewall
Clustering OS
I enjoy working in Gnome, with Evolution (Mail), Mozilla (Browser), GAIM (Messanger), OpenOffice (Application). I'm not too fond of the freeware base games or a few of the extras the package in. However, I would not mind running VMware to run a few of the games I have and/or to switch into Win2K mode if needed over a friends house for Counter-Strike or to plug in my US Robotics Wireless Card that does not have *nix drivers.
Another option I would like would be to setup a home network that would be compatible to this system and allow me to have a wide variety of Security Enhancements.
I have found these features to be provided under RedHat, but with support going. How long should I keep it?
What would you suggest as an alternative? The games I play are Counter-Strike, Warlords Battlecry II, Rise of Nations, Magic The Gathering Online, and a few others.
winex from transgaming..
I got a lot of games running fine on that..
VMware does not support DirectX afaik..
Use wine and go here to see how to make each game work individually. There is a great forum where prople post problems and solutions to just about every piece of software on Windows. It is most def worth a look. Helped me get Photoshop Running on Linux!
http://appdb.winehq.com/appbrowse.ph...fd6f338cc8b79b
I am a subscriber and active payer to WineX, as well as having preformed a lot of game testing for them. I've only come across a few games WineX could not run, but the list it can run is amazing. Since it is meant for DX 8 and 9 handling, it's built for gaming. I've used normal wine and since it isn't dx based on a primary factor... you can tell the effects and horrors of it on fps games. Not that I don't respect wine for its normal application use, but each tool must be used in its appropriate manner.
http://www.transgaming.com
For security it is SELinux - which you can install from Fedora Core 2 by typing selinux at the install prompt. However, it is NOT easy. As you go through the install you will be presented with the option of how strong you want your system to be. I suggest you let it complain but not be enforcing. It took me 3 days to get named running.