LinuxLock.org: Interview with Kevin Sexton of ProtectixApr 27, 2000, 13:07 (0 Talkback[s])
(Other stories by gnuchris)
[ Thanks to -gnuchris- for this link. ]
"...LinuxLock: You mentioned building your distribution from scratch, and partnering with an embedded OS manufacturer, but was Kernal are you going to run? Linux? FreeBSD?"
"Kevin: The kernel? The ApplianceOS is based on a Linux kernel as well as many GNU programs and tools. Our embedded OS partner is Lynx Real-Time Systems. We have been establishing a solid partnership and communication channel with Lynx for some time now for OS co-development. Our ApplianceOS will be a specialized version of BlueCat Linux optimized for security and applications focused on access control. We are both going to add quite a bit to each others product offerings. We are quite excited about the partnership and what it will mean to application development in the embedded space. "
"...LinuxLock: What do you think is the most commonly overlooked security concern?"
"Kevin: Well, there are many to choose from, some of which I mentioned above but I think the most commonly overlooked is setup & configuration with software maintenance a close second. Installing Red Hat, for example on a new machine could be a disaster for the security unaware. Many ports are open by default for ease of use but at the expense of network integrity. Sendmail and BIND are widely-used, and unfortunately are good examples of where individual programs fail; because they run as root, that turns bugs into root exploits. As most software has bugs and elements of insecurity, it is extremely important to keep informed about the programs used on one's systems. This is difficult to do each day, particularly with larger networks and a diverse group of systems and software. With Protectix we hope to take a little of the work out of not only setting up a secure network but maintaining it as well. "