Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Dear all:
I want to excel in Linux-based security systems. In the market I see many distributions of Linux as well as on the web. I want to find out exactly which distribution is best or developed while keeping security in mind.
[Security] means I want to choose the specific Linux flavour which provides the best built-in security tools and also supports a development environment for such tools.
In my point of view, Gentoo is one of the most secure distributions, because you should build the whole distribution from scratch, choosing what components and flavours you want for all packages. In that way you can build a very minimal/secure distribution with just the things that you need, using the USE variable of the make.conf. In general the distributions are compiled with a lot of options that maybe you don't really need, but in Gentoo you can choose exactly what you need in order to reduce the things that can be exploited later.
EnGarde is a Linux distribution that is built specifically to provide a very secure server environment, but if security is of the utmost importance, any distribution of Linux is typically better than Microsoft Windows, but it is not the best.
OpenBSD is the most secure operating system in the world, with a catch: it's not Linux. But the tools of the BSDs are often very similar to their Linux counterparts and most people who've got a fair amount of Linux experience should be able to learn about the BSDs and gain familiarity with them without too many problems.
There really is no "Most secure operating system in the world"; each one has its strengths and weaknesses, and you just need to find what best fits your needs. Security and usability don't normally go hand in hand, so you have to figure out what best meets your objective.
There are too many flavors out there to say X is best or Y is best.
So many to choose from, I do not believe you can make a bad choice. I like Red Hat & Fedora and CentOS (a Red Hat clone). I administer Linux production servers running 300+ gig Oracle databases, so I am biased to Red Hat. I'm sure other Linuxes would work in place of RH, but you go with what you know.
Any recommendation will depend on how you plan to use it and what software you'll be utilizing, ON TOP OF THE DISTRO. For instance, OpenBSD will be tight, but when you add a PHP-based app to it, you're more than likely lessening OpenBSD's tightness.
Just pick a flavor and begin your experience. No matter what you pick, you're going to learn something.
I have planned to use a combination of RHEL5 and Ubuntu. It may be challenging to manage but I also want this combination to be equally difficult and challenging for the foreign attacks on my machines. Any suggestions?
Not entirely sure what you mean by a 'combination'...
Why limit yourself to any distro, or any few... I have a testing box... it's an old P4 with 1GB RAM and a 500GB HDD and I have a bunch of distros on it... Debian, Ubuntu, Fedora, CentOS, Slackware, Gentoo, OpenBSD, Solaris.
If you intend to be in any way proficient in the Unix world, you should expose yourself to all you can.
As for attacks on your machines... I wouldn't worry about it... 99.9% of attacks are from bots or inept script kiddies and wouldn't penetrate an unpatched XP SP1 box running IIS6, let alone a Linux box.
For fun, you should put together a honeypot or darknet...