“Computer security is a very subjective topic, especially
when it comes to the various operating systems. I will attempt to
be objective in this article, and any conclusions I draw will
(hopefully) be supported by overwhelming evidence. To be fair
my background is mostly with Linux and NT, with a good dose of
OpenBSD and Solaris.”
“One of the more basic components of computer security is file
system security…The (simple) standard for most UNIX platforms
is… is simple to implement, flexible enough to allow for most
common needs, and generally reliable.”
“No matter how good your security, chances are you will suffer a
“security incident”… A determined attacker will replace common
binaries (such as ls, ps, bash, the kernel), allowing them to cover
their tracks…”
“For Linux there are quite a few tools, but outside the Linux
world it seems that Tripwire is the only game in town.”
“Logging and auditing — This is one area where the proprietary
operating systems tend to do a little bit better. NT 4.0 and
Windows 2000 have rather extensive logging capabilities… As
always, you need to protect the central log host from attacks/etc,
also it should have extremely large volumes, as many attackers will
try to flood it…”