Linux servers - advice on security features

trout

folks ... I'm posting here rather than the Unix forum, as I wanted to get wisdom from an information security perspective, as opposed to fans of various Linux distributions.

I've been asked to research Red Hat Enterprise & SuSe Linux Enterprise as possible server platforms. My background is mostly Wintel & Novell ... with a little Solaris.

I don't want to make naive assumptions that the Linux distros are all equally good from a security aspect, or can be made secure with a variety of tools & bolt-ons.

So, I'm looking to compare the two distros, and any reviews or articles I've found so far on the web are somewhat biased or influenced by a particular vendor.

Can anyone here point me in the right direction for vendor independent comparison or discussion of security aspects of the various Linux server platforms ?

Servers will be mixed use, file shares, database and web server - but my main interest is the file/share security, user management, password complexity & re-use, and especially activity logs & audit trails.

I'm not trying to avoid doing the research & donkey work myself ... just looking for any pointers or starters.

TIA

JimmyCrackCorn!

First off SUSE,RED HAT/FEDORA. Are all built from the same underlying core code. The Kernel is Linux and the majority of the packages installed will be common across the variants.

The differences come in that some of these "enterprise" versions of Linux throw in some branding and there own packages.
don't get me wrong there will be differences in structure of config files and default file system layout as well as applications e.g. package management.

The question you have just asked is one that is almost impossible to answer. Its more than likely if a security hole in the software exists it will be across all of them from desktop Ubuntu to Fredora as is often/normally the case.

In your situation if you want an off the cuff answer that you wont like and is of no relevance id say hardened Gentoo.

But its more important to remember that a vendor will not solve your problem because you paid for the software. I can set up Hardend Gentoo poorly and have it broken into easily and i can also setup Ubuntu server maintain it properly secure it and have no issues. The key is in how you set it up and how you maintain it not what you buy.



Dont make the mistake of thinking you can buy security in a tin its. If you do you just bought snake oil.

trout

JimmyCrackCorn! wrote: »

In your situation if you want an off the cuff answer that you wont like and is of no relevance id say hardened Gentoo.

Thanks for that.

Maybe I should post my question in the Unix forum after all ... what I'm after is tips & pointers on the differences between the two distros mentioned, particularly in terms of any provided security toolsets.

I do take your point though, about setup & maintenance being key to security ... I just want to know which of the two distros mentioned lends itself to most secure/least headaches, or is it much of a muchness ?

Thanks anyway.

ntlbell

Have you considered OpenBSD?