[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Wanting opinions...

To: silug-discuss@silug.org
Subject: Re: Wanting opinions...
From: "L. V. Lammert" <lvl@omnitec.net>
Date: Fri, 17 Jun 2005 13:04:54 -0500
In-Reply-To: <20050617165413.GA12960@SDF.LONESTAR.ORG>
Organization: Southern Illinois Linux Users Group
References: <4.3.2.7.2.20050617113358.00ba1888@mail.omnitec.net><1119023235.4785.3.camel@visitor123030.mcs.anl-external.org><1119023235.4785.3.camel@visitor123030.mcs.anl-external.org><4.3.2.7.2.20050617113358.00ba1888@mail.omnitec.net>
Reply-To: silug-discuss@silug.org
Sender: silug-discuss-owner@silug.org

At 11:54 AM 6/17/2005 -0500, you wrote:
>On Fri, Jun 17, 2005 at 11:43:37AM -0500, L. V. Lammert wrote:
> > If I want to put a server on the 'Net, I use OpenBSD. Never had to worry
> > about getting rooted (one RedHat box from a customer was on THREE DAYS
> > before getting rooted).
>
>If you're going to use this argument, I would prefer that you keep your
>drool-mouthed diatribe to yourself.

Holy *** batman! Who appointed you GOD? Sheesh.

>The concept that OpenBSD is more secure IN GENERAL than any other UNIX or 
>UNIX clone is more a red
>herring than anything else.

That's crap and you know it. OpenBSD:

1) Has been AUDITED for every aspect of the kernel
2) There has been **NO** hole in the kernel for eight years; Linux can't 
even say EIGHT MONTHS! They had, like, 20 kernel exploits last year alone!

>Sure, OpenBSD may be locked down out of the box, but that doesn't mean you 
>can't lock down a Red Hat box to the
>level of an OpenBSD box to the outside world.

Locked down has nothing to do with auditing - don't confuese them.

>And there are a whole ton of things about OpenBSD that drive me mad
>because I wouldn't do things that way, like running Apache in a chroot
>jail.

Huh? It's been running fine for MANY years, .. guess you didn't bother to 
come to my 'Running Apache Chroot'd' presentation?? There is absolutely NO 
problem with chrooting Apache, once you understand what's going on.

The ONLY problems come with badly written apps.

>... and putting any machine on the Internet without locking it down
>first is outright stupid, careless, and foolish.  Do the install either
>on a chunk of isolated ethernet or behind a firewall that's doing NAT.

Again, nobody's talking about locking down; we're talking about kernel 
exploits. Ever hard of a rooted OpenBSD server? Nope. Ever hear of a rooted 
Linux machine? Been there, seen that.

Can we PLEASE keep the politics down, per the original request? All I 
expressed were facts and my conclusions; you're certainly entitled to 
yours, but the LIST is not fodder for a flame war.

         Lee

-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.

Follow-Ups:
- Re: Wanting opinions...
  - From: mike808@users.sourceforge.net
- Re: Wanting opinions...
  - From: Nathaniel Reindl <fiction@sdf.lonestar.org>

References:
- Re: Wanting opinions...
  - From: "L. V. Lammert" <lvl@omnitec.net>
- Wanting opinions...
  - From: Ken Keefe <kjkeefe@gmail.com>
- Re: Wanting opinions...
  - From: Nathaniel Reindl <fiction@sdf.lonestar.org>

Prev by Date: Re: Wanting opinions...
Next by Date: Re: Wanting opinions...
Prev by thread: Re: Wanting opinions...
Next by thread: Re: Wanting opinions...
Index(es):
- Date
- Thread