> As to which version is 'more secure', that is (IMHO) > entirely subjective and dependant on the experience of those that will > be setting up and managing the server(s).
No argument here. No matter what experiences anyone else has had, YMMV. You'd probably do best to perform an install of both OS's and see which fits your needs best. I've run both Redhat and OpenBSD for web servers. I actually had more difficulty with Redhat than OpenBSD. The OpenBSD team has performed a near superhuman feat in their exceptional man pages, and you will honestly find *everything* you need in them. They have greatly reduced the voodoo of the *nix's. OpenBSD also installs the minimum you need to have a secure, functioning server while Redhat's packaged configurations can get pretty bulky and you may have to spend some time taking things away to harden it. With OpenBSD you have to add things to un-harden it :) Redhat has very broad industry support, and it's certainly easier to use RPM than OpenBSD's ports collection. You just can't make an educated decision without trying them both out. Take a couple weeks to test them. Try to break them. It's worth your trouble. ----- Original Message ----- From: "Michael Vaughan" <[EMAIL PROTECTED]> To: "'GSG Designs'" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, October 31, 2002 10:52 AM Subject: RE: Newbie: RedHat 8 or OpenBSD?? In answer to your question..."It Depends". It will depend on how experienced your engineers are with Linux. OpenBSD can be a pain to install and configure. RedHat on the other hand is comparatively easy to setup. OpenBSD from what I understand is the most secure version out of the box but again securing it 'could' be a pain. However, you can get scripts to harden Redhat fairly well. In addition, You CAN further Harden Redhat by patching the Kernel: http://www.nsa.gov/selinux/index.html thereby further hardening the Linux server. As to which version is 'more secure', that is (IMHO) entirely subjective and dependant on the experience of those that will be setting up and managing the server(s). Regards, -Michael Vaughan [EMAIL PROTECTED] -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/GMD/GO d+ s+:+ a32 C++ UL+++ P+ L+++!E W+++ N++ o- K- w++++ O- M+ V PS--- PE+ Y+ PGP++ t+++@ 5-- X++ R- tv b++++ DI+++ D--- G++ e* h-- r-- z++ ------END GEEK CODE BLOCK------ The information contained in this message may contain privileged and confidential information and is intended only for the internal company use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any examination, distribution or copying of this communication is strictly prohibited. Furthermore, any and all recipients of this message are prohibited from engaging in the unauthorized dissemination of the information contained herein to person(s) outside the company. If you have received this communication in error, please notify sender immediately. -----Original Message----- From: GSG Designs [mailto:gsgdesigns@;hotmail.com] Sent: Wednesday, October 30, 2002 3:56 PM To: [EMAIL PROTECTED] Subject: Newbie: RedHat 8 or OpenBSD?? I'm fairly new to this, so please bare with me. If this question has been asked in the past, I apologize. I'm new to the listserv as well. We are discussing starting our own web server. There is debate on whether RedHat 8 or OpenBSD is more secure. What are your thoughts? We will be doing online orders with credit card info, etc. Do you have any resources to point us to? (We will be running Apache, probably a 'duh'.) Thanks. _________________________________________________________________ Broadband? Dial-up? Get reliable MSN Internet Access. http://resourcecenter.msn.com/access/plans/default.asp