[plug] Debian 2.2 security

Matt Kemner zombie at wasp.net.au
Thu Aug 31 09:43:35 WST 2000


On Wed, 30 Aug 2000, Tony Clark wrote:

> http://www.securityportal.com/closet/
> 
> It doesn't speak to kindly of default Debian security.

If you check that site again, you will see the author has added an update
(in the form of a sidebar) which invalidates most of his claims.

He does have some good points, but I think his claim that "Debian is the
least secure by default" is plain FUD.
(esp after Mike O'Reilly held a talk for PLUG on what steps one needs to
 go through to secure a default-install Red Hat system)

It reads to me like a self-proclaimed security expert, who normally
exclusively uses Red Hat, had a quick look at Debian and searched for
differences and published them without looking real closely.

He says:
"I'm not a long time Debian user, so I am somewhat unfamiliar with it."
So what makes him think he can authoritatively state Debian is unsecure by
default, if he's not even taken the time to learn about the system, and
validate his claims?

 - Matt




More information about the plug mailing list