If you are familiar with Redhat Linux, then you can use Redhat Enterprise Linux. If you need something completely free, then try CentOS which is a free RHEL rebuild. Redhat is now old, outdated and unsupported so it's not really worth using it.
Sure RHEL and CentOS provide software updates but the kernel is still 2.6.9 which is very old and has security holes. Try using Ubuntu. At least Ubuntu uses a recent kernel version and it is based on Debian.
Red Hat 9 is not an operating system. It is a Linux distribution and it is the 9th Red Hat version. Linux is an operating system. The version of Linux relates to the kernel version.
In order to protect a server from attacks, programs that it uses to provide services need to be updated. Also these services need to be planned for the highest security. If the setup is not planned well, anybody can get in. I suggest reading security articles on the internet and reading hacker books to figure out how to protect a server.
Sure RHEL and CentOS provide software updates but the kernel is still 2.6.9 which is very old and has security holes.
Not quite true. Red Hat backports security fixes from later kernel versions to their custom 2.6.9 kernel (it's not a stock kernel.org kernel). Just look at https://rhn.redhat.com/errata and look for all of the kernel patches.
This is good for people who need a stable kernel release and security patches.
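The backporting point above means the 2.6.9 version string alone does not show which fixes a vendor kernel carries; the package changelog does. The following is an added example, not code from any poster: the changelog text, build strings and CVE identifiers are constructed placeholders, the helper names are hypothetical, and it assumes changelog headers that end in a bracketed build string.

```shell
#!/bin/sh
# Constructed sample in the layout of `rpm -q --changelog kernel` output.
# Maintainer, dates, build strings and CVE ids are placeholders, not real errata.
sample_changelog() {
cat <<'EOF'
* Tue Jan 02 2001 Example Maintainer <maint@example.com> [2.6.9-0.example3]
- fix bounds check in example driver (CVE-0000-0003)

* Mon Jan 01 2001 Example Maintainer <maint@example.com> [2.6.9-0.example2]
- fix race in example syscall (CVE-0000-0001)
- backport example filesystem fix (CVE-0000-0002)
EOF
}

# cve_fixed_in ID: read a changelog (newest entry first) on stdin and print the
# earliest build whose entry mentions ID; return 1 if no entry mentions it.
cve_fixed_in() {
    awk -v id="$1" '
        /^\* / { build = $NF; gsub(/^\[|\]$/, "", build) }   # header: remember build
        # Require a non-digit (or end of line) after the id, so a short id
        # cannot match as a prefix of a longer one.
        $0 ~ (id "([^0-9]|$)") { hit = build; found = 1 }
        END { if (found) print hit; exit (found ? 0 : 1) }
    '
}

# report ID...: read a changelog on stdin, print one status line per id.
report() {
    log=$(cat)
    for id in "$@"; do
        if build=$(printf '%s\n' "$log" | cve_fixed_in "$id"); then
            echo "$id first fixed in $build"
        else
            echo "$id not mentioned"
        fi
    done
}

sample_changelog | report CVE-0000-0001 CVE-0000-0004
# On a live RPM-based system: rpm -q --changelog kernel | report <ids>
```

An id that is "not mentioned" is not proof the kernel is vulnerable; the vendor's errata page for that id is the authoritative answer.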
I was always under the impression Debian is the most secure and stable, but word is CentOS is the hot ticket in the server world. (Hearsay)
Untrue.. the most secure machine depends on the administrator.. not the distro.. but then again, the only secure machine is the powered off one locked away with no physical access.
And there is no such thing as the more stable Linux distro.. too many factors to consider. Any distro or OS could just be loaded and sit there idle without ever needing to be rebooted and some twits would consider that stable. You have to take into account the applications, the usage, etc.. so there's no such thing as a more stable distro.
Not quite true. Red Hat backports security fixes from later kernel versions to their custom 2.6.9 kernel (it's not a stock kernel.org kernel). Just look at https://rhn.redhat.com/errata and look for all of the kernel patches.
This is good for people who need a stable kernel release and security patches.
I still stand by what I am saying. Kernel version 2.6.9 has issues with security. Patching a kernel version is very messy. Manufacturers should follow kernel versions instead of sticking with one kernel version that is very, very old.
I still stand by what I am saying. Kernel version 2.6.9 has issues with security. Patching a kernel version is very messy. Manufacturers should follow kernel versions instead of sticking with one kernel version that is very, very old.
I don't think I get your arguments here. Redhat takes a long time to patch and stabilise a particular kernel, if it works right on the certified hardware, then why break it by constant upgrades? If they followed kernel.org releases, they would have so many kernels to support which can become a bit of a nightmare in the long run.
Security is inversely proportional to novelty. A newer kernel will have new features and could contain security flaws which haven't been discovered yet because the kernel is too new. If you let a kernel get too old however, not as many eyeballs are looking at it, so features since dropped in a very old kernel might have a defect that fewer people are looking for. "Given enough eyeballs, even the most difficult problems become shallow." Linus's Law.
Red Hat / Fedora Core use SE Linux which helps improve the security of the system. Even so, security is more a process than a state. A little carelessness can make any system insecure. ( I'm not referring to the original poster ).
Sticking with kernel version 2.6.9 is a nightmare for me. My hardware will not work.
I do not like Redhat or Fedora because they dumb down Linux too much.
On the other hand, at work I run very specialized high performance networking hardware that's only certified to work with specific distributions/kernels. The standardization/stability of RHEL or SLES is a godsend for those with similar needs. I don't consider it "dumbing down", I consider it providing a base platform which can host complex systems doing complex things, therefore letting corporate developers/IT staff worry about the higher level stuff without having to muck with the Linux platform. They can also be administered more easily.
The wonderful thing about Linux is the choice it brings. Heck, at home I run Slackware with a custom-built kernel and have been known to try bleeding edge development patches on occasion. However, some users, particularly in the corporate world, need a stable infrastructure with long-term support. There's no "right" or "wrong" approach -- it depends on the needs of the user in question.
Debian was one of the first three distros to get a good security rating.
[ Slak and Suse were the other two ]
Any distro can be secure, if it is configured correctly for security.
[ Ubuntu, Kubuntu etc need major configuration changes to make them secure enough for corporate use, their complete disabling of the root account means you have to go to each system and re-enable it to get a corporate level of security back, on top of any other configuration changes needed to meet your security policy. ]
Yes, I would upgrade to a newer version of Linux, RHEL4 is roughly equivalent to Red Hat Linux 14.
[ Red Hat's changes to their releases are why some companies are still using the very old RH9 ]
SELinux package is available for all distros, I have yet to see a distro that doesn't offer it for install.
Jorophose, you are right, any of the BSDs would be a very secure and stable OS for a server, but they are not actually Linux, they are a BSD.
OpenBSD has had ONE security flaw in the default configuration in ten years.
[ flaw caused by configuration. ]
The issues with the BSDs are only two:
the installer is not a "pretty gui installer"
[ which is not just the BSDs ]
The hardware support level of them is not quite extensive enough for anything other than server use.
I have seen system administrators detail using OpenBSD for the servers, and any Linux distro for desktop workstations as the best option. The strongest security on the servers, the stability and security of any Unix on the workstations beats the malware enabling of MS Windows for security and stability hands down.