LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-02-2008, 12:45 AM   #1
bapigoo9
Member
 
Registered: Aug 2008
Posts: 107

Rep: Reputation: 16
How does Linux compare to the "most secure OS on the planet"? (According to SUN)


From the Official Sun web page:

Quote:
http://www.sun.com/software/solaris/security.jsp
The Solaris 10 Operating System, the most secure OS on the planet, provides security features only found in Sun's military grade Trusted Solaris OS.
They claim that people with specific regulatory or information protection requirements use their OS. How does Linux compare?

Last edited by bapigoo9; 12-02-2008 at 12:49 AM.
 
Old 12-02-2008, 12:53 AM   #2
Alien_Hominid
Senior Member
 
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247

Rep: Reputation: 53
http://en.wikipedia.org/wiki/Securit...Linux#Overview
Quote:
Primarily developed by the US National Security Agency ...
if claiming that you're most secure makes any sense.
 
Old 12-02-2008, 01:09 AM   #3
bapigoo9
Member
 
Registered: Aug 2008
Posts: 107

Original Poster
Rep: Reputation: 16
Informative link on SE Linux. Sun says that Solaris 10 is the most secure OS on the planet. Has anyone compared them with SE Linux?
 
Old 12-02-2008, 01:35 AM   #4
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
"military grade" ... mmmhummmm, I know exactly how secure that is, and I'll be sticking with Linux for the time being
 
Old 12-02-2008, 08:25 AM   #5
dbogdan
Member
 
Registered: Feb 2005
Location: Metro Detroit, US
Distribution: Suse/Slackware/Mepis
Posts: 174

Rep: Reputation: 30
"military grade" ha...

http://blog.wired.com/defense/2008/1...ans-usb-d.html

Obviously "military grade" includes Windows too.
 
Old 12-02-2008, 09:58 AM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Heh, I remember back in '98 when Ehud Tenebaum used a vulnerability in Solaris to wreak havoc upon the Pentagon. And it wasn't zero-day or anything, it was just that the Pentagon servers weren't patched even though the vulnerability was well-known. Hopefully the term military-grade has more meaning today.

Sun's claim that Solaris 10 is "the most secure OS on the planet" is obviously nothing but marketing hype. Maybe it's true. Maybe it's not. You can't really know that because security depends on so many things other than the software itself. I'd like to think most of us are aware that security is not a product, and as such it's pointless how good Sun says Solaris 10 is if it (or any other OS) isn't supported with solid policies, methods, procedures, and practices on behalf of the human beings that actually use it.
 
Old 12-02-2008, 11:58 AM   #7
rahulk
Member
 
Registered: Mar 2006
Posts: 110

Rep: Reputation: 16
Well, I am working as a Unix/Linux sys admin and have experience in both Solaris and Linux (P.S. I am still biased toward Linux though).

Its a myth, no one can claim that certain OS/software is non vulnerable. Vulnerabiity is directly proportional to the years of usage. Once you get strangle-hold of the OS internals, its possible to hack anything.

Sun can claim it to be most secured but then loop holes are everywhere. They wont be so common as in Windows but its more of a debate then anything else.

Good thing about Linux is that we have huge developer base who work for non-profit opensource community hence the fix would be quick as compare to annything else.

I have seen Solaris getting crashed due to some processes so its pre-mature to say that it is the most secure OS. However, both Linux/Solaris are extermely secure unless a novice set them up.

Enjoy!!

Rahul Khare
 
Old 12-05-2008, 01:31 PM   #8
jayjwa
Member
 
Registered: Jul 2003
Location: NY
Distribution: None (src & compile)
Posts: 253

Rep: Reputation: 36
Don't Sun boxes come with Telnet, rpcbind, and SNMP wide open? At least all the Sun boxes I see do.
 
Old 12-07-2008, 01:38 AM   #9
bapigoo9
Member
 
Registered: Aug 2008
Posts: 107

Original Poster
Rep: Reputation: 16
From your link: (dbogdan)

Quote:
which spreads by copying itself to thumb drives and the like. When that drive or disk is plugged into a second computer, the worm replicates itself again this time on the PC. "From there, it automatically downloads code from another location. And that code could be pretty much anything,"
How does the worm execute when you plug the usb into the usb drive without the user initiating the executable to run?
 
Old 12-08-2008, 03:38 PM   #10
jlliagre
Moderator
 
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris10, Solaris 11, Mint, OL
Posts: 9,499

Rep: Reputation: 355Reputation: 355Reputation: 355Reputation: 355
Quote:
Originally Posted by jayjwa View Post
Don't Sun boxes come with Telnet, rpcbind, and SNMP wide open? At least all the Sun boxes I see do.
That used to be true but it's now an installation (by default) choice with Solaris 10 1/06 and newer. The secure by default option closes all remote services except ssh.

I agree with the previous statement about security being a process more than a feature. Of course it helps if the underlying OS has good observability and specialized security capabilities. Solaris certainly does a good job here.

Poor administration and application weaknesses can make any OS vulnerable, including the most secure ones ...
 
Old 12-09-2008, 11:11 PM   #11
internetSurfer
Member
 
Registered: Jan 2008
Location: w3c
Distribution: Slackware 12 Zenwalk 5.2
Posts: 71

Rep: Reputation: 16
Quote:
Originally Posted by bapigoo9 View Post
How does the worm execute when you plug the usb into the usb drive without the user initiating the executable to run?
AutoPlay Worms
https://forums.symantec.com/syment/b...&thread.id=222

_
 
Old 12-17-2008, 10:42 PM   #12
bapigoo9
Member
 
Registered: Aug 2008
Posts: 107

Original Poster
Rep: Reputation: 16
Quote:
AutoPlay Worms
As the link name suggests, it is from Auto Play features of Windows. Is there an OS explanation of what the worms do? And, is there such an Auto Play vulnerability in Linux?
 
Old 12-22-2008, 09:25 PM   #13
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,377

Rep: Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108
It's entirely a myth that any operating system is "categorically secure" or "categorically insecure."

Microsoft Windows has an extremely well thought out security architecture ... especially nice when you need to manage many hundreds of systems at one time.

But... no amount of "well thought out security architecture" is going to do anyone a tinker's-dam worth of practical good when you've got everyone set up as an all-powerful Administrator! (In effect, "all that security" is turned off!)

Security is a process. Don't matter if you're talking about a computer or a house: "the lock, alone" does not make the difference. You've got to consider not only the lock, but the door and the frame, and whether-or-not there's an open window nearby, and whether-or-not "the dammed fool who owns the house actually locked that 'impregnable burglar-proof door.'"

Linux... OS/X... Windows. All three are competently designed systems. All three are capable both of security and tomfoolery.
 
Old 12-28-2008, 10:38 AM   #14
Oxagast
Member
 
Registered: Aug 2003
Location: Mocksville, NC, USA
Distribution: Gentoo, Slackware.
Posts: 410

Rep: Reputation: 30
I've never considered Windows "secure". But Sun, I can't tell you how many Solaris 10 boxes I've rooted, and getting into them was alot easier than most linux boxes. Most secure OS on the planet my ass.
 
Old 12-29-2008, 09:15 AM   #15
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 163Reputation: 163
Quote:
Originally Posted by bapigoo9 View Post
From the Official Sun web page:

They claim that people with specific regulatory or information protection requirements use their OS. How does Linux compare?
Security is more a function of competent administration and staying up to date on critical issues than the underlying OS.

I've secured SUNOS, Solaris, SCO, *BSD, Linux, and IRIX. I've also cleaned up each and every one of those operating systems (except sunos) for companies after they've been rooted by someone.

Security is layered for the most part and some layers are far thicker than others.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: "Linux more secure than Windows", Microsoft vulnerability report suggests LXer Syndicated Linux News 0 08-21-2007 01:30 PM
LXer: "Linux more secure than Windows", Microsoft vulnerability report suggests LXer Syndicated Linux News 0 08-21-2007 09:20 AM
LXer: FSF prepares a new "Libre Planet" campaign LXer Syndicated Linux News 0 08-04-2007 08:46 PM
LXer: Why EnGarde Secure Linux is "Secure By Design" LXer Syndicated Linux News 0 10-10-2006 12:21 AM
Microsoft "Secure Authentication" on Linux? KingofBLASH Linux - General 0 02-17-2004 12:10 PM


All times are GMT -5. The time now is 11:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration