Help Net Security: Linux Security: Reflections on 2002
Jan 08, 2003, 10:00
(Other stories by Bob Toxen)
[ Thanks to LogError for this link. ]
"I think that the major change in 2002 over 2001 in Linux
security was that major heavily-deployed subsystems continued to
get more hardened. The recent versions of Sendmail, LPD (Line
Printer Daemon), and the commercial (ssh.com) version of SSH
suffered no vulnerabilities. This may be a record for these

"Non-Windows Apache did suffer the first discovered
vulnerabilities in five years with Chunk and SSL. DNS suffered one
that would be hard to use if one's firewall is properly configured.
While OpenSSH suffered a number of problems, I do not yet consider
it secure enough to deploy in 'Production' environments. The
ssh.com version is free for Linux, more secure, and easier to
use--so use it..."