From the Official Sun web page:

They claim that people with specific regulatory or information protection requirements use their OS. How does Linux compare?

http://en.wikipedia.org/wiki/Securit...Linux#Overview
if claiming that you're most secure makes any sense.

Informative link on SE Linux. Sun says that Solaris 10 is the most secure OS on the planet. Has anyone compared them with SE Linux?

"military grade" ... mmmhummmm, I know exactly how secure that is, and I'll be sticking with Linux for the time being

"military grade" ha...

http://blog.wired.com/defense/2008/1...ans-usb-d.html

Obviously "military grade" includes Windows too.

Heh, I remember back in '98 when Ehud Tenebaum used a vulnerability in Solaris to wreak havoc upon the Pentagon. And it wasn't zero-day or anything, it was just that the Pentagon servers weren't patched even though the vulnerability was well-known. Hopefully the term military-grade has more meaning today.

Sun's claim that Solaris 10 is "the most secure OS on the planet" is obviously nothing but marketing hype. Maybe it's true. Maybe it's not. You can't really know that because security depends on so many things other than the software itself. I'd like to think most of us are aware that security is not a product, and as such it's pointless how good Sun says Solaris 10 is if it (or any other OS) isn't supported with solid policies, methods, procedures, and practices on behalf of the human beings that actually use it.

Well, I am working as a Unix/Linux sys admin and have experience in both Solaris and Linux (P.S. I am still biased toward Linux though).

Its a myth, no one can claim that certain OS/software is non vulnerable. Vulnerabiity is directly proportional to the years of usage. Once you get strangle-hold of the OS internals, its possible to hack anything.

Sun can claim it to be most secured but then loop holes are everywhere. They wont be so common as in Windows but its more of a debate then anything else.

Good thing about Linux is that we have huge developer base who work for non-profit opensource community hence the fix would be quick as compare to annything else.

I have seen Solaris getting crashed due to some processes so its pre-mature to say that it is the most secure OS. However, both Linux/Solaris are extermely secure unless a novice set them up.

Enjoy!!

Rahul Khare

Don't Sun boxes come with Telnet, rpcbind, and SNMP wide open? At least all the Sun boxes I see do.

From your link: (dbogdan)

How does the worm execute when you plug the usb into the usb drive without the user initiating the executable to run?

That used to be true but it's now an installation (by default) choice with Solaris 10 1/06 and newer. The secure by default option closes all remote services except ssh.

I agree with the previous statement about security being a process more than a feature. Of course it helps if the underlying OS has good observability and specialized security capabilities. Solaris certainly does a good job here.

Poor administration and application weaknesses can make any OS vulnerable, including the most secure ones ...

AutoPlay Worms
https://forums.symantec.com/syment/b...&thread.id=222

_

As the link name suggests, it is from Auto Play features of Windows. Is there an OS explanation of what the worms do? And, is there such an Auto Play vulnerability in Linux?

It's entirely a myth that any operating system is "categorically secure" or "categorically insecure."

Microsoft Windows has an extremely well thought out security architecture ... especially nice when you need to manage many hundreds of systems at one time.

But... no amount of "well thought out security architecture" is going to do anyone a tinker's-dam worth of practical good when you've got everyone set up as an all-powerful Administrator! (In effect, "all that security" is turned off!)

Security is a process. Don't matter if you're talking about a computer or a house: "the lock, alone" does not make the difference. You've got to consider not only the lock, but the door and the frame, and whether-or-not there's an open window nearby, and whether-or-not "the dammed fool who owns the house actually locked that 'impregnable burglar-proof door.'"

Linux... OS/X... Windows. All three are competently designed systems. All three are capable both of security and tomfoolery.

I've never considered Windows "secure". But Sun, I can't tell you how many Solaris 10 boxes I've rooted, and getting into them was alot easier than most linux boxes. Most secure OS on the planet my ass.

Security is more a function of competent administration and staying up to date on critical issues than the underlying OS.

I've secured SUNOS, Solaris, SCO, *BSD, Linux, and IRIX. I've also cleaned up each and every one of those operating systems (except sunos) for companies after they've been rooted by someone.

Security is layered for the most part and some layers are far thicker than others.