|
Hardened Distribution
Is there any hardened distribution of Linux that is reasonably secure out-of-the-box? If so where can I download it from? Please do not include Gentoo as it already gives me nightmares. It seems complex for someone new to linux.
|
Secure... All of them. :)
If you want a very secure system, you will have to lock-it down yourself. If you use a recent version of any distribution, you get all the latest packages. So this reduces the risk associated with software security holes -- just as long as you keep them up-to-date. ;) The rest is up to you. The important steps are to configure a good firewall, only start-up needed services and use secure passwords. Then, of course, there is the tweaking of the configurations files. Restricting access to normal users... Depending on what you plan on doing with your new Linux system, securing it can take less than an hour or a few days... if not more. Linux distributions vary on different implementation methods which can influence security, but in the end, all distributions try to be as secure as possible. |
That seems a little premature to me to state that every Linux distribution out there is secure out-of-the box. It seems to me in my opinion that it is dependent upon various variable to enhance security e.g. type of packages installed, services running, etc. I guess what I am looking for is for example if I choose a server installation, it should only install what is required not anything else. From my understanding Red Hat for example install other packages often not required e.g. CUPS. Why would I need CUPS when I selected I do not wish printer support.
|
It's an extremely common and foolish mistake to assume that all Linux distros (or any OS, for that matter) is "secure out of the box". The only one I've see come close is OpenBSD, simply* because everything is turned off by default (other than OpenSSH). I suppose maybe some others, like Plan9 and.. Eros is it? are pretty secure by default, too. Any way, I digress...
From my experience, Mandrake does a fair job of being relatively secure, but ONLY if you select a high security level during the install (it will ask you what security level to set to, the default is too insecure IMHO). Even though it uses some lock-down scripts, Mandrake still installs a lot of bloat so I wouldn't really consider it in any way a "secure distro". There are various different distros that claim to be "Secure Linux", so check out www.distrowatch.com. A quick search turns up Trustix, Immunix, EnGarde, etc... YMMV. *Actually, there's a lot more to it than that, but that is the easiest answer. |
chort,
Are there any "free" secure distributions I can download apart from OpenBSD or FreeBSD? |
First, OpenBSD and FreeBSD are... BSD (not Linux), so they aren't called "distros" (that's a Linux term). I probably should have better worded the first two sentences in my original post.
Are the three distros I posted not free? I looked at Trustix briefly and it seemed to be available for free... Did you not look at www.distrowatch.com at all? I also just saw Adamantix, which seems to be free as well... |
Distributions
I believe Trustix does not support their older versions and it is the first time I'm hearing of Adamantix. It seems to be based on Debian. Has anyone by any chance used Adamantix?
|
| All times are GMT -5. The time now is 03:59 PM. |