[an error occurred while processing this directive]

  Linux Letter 24

The Linux Letter for March 20, 2002

Hello fellow computors!

I know, it's been quite a while since the last Letter. Unfortunately, the realities of school, job and family (not necessarily in that order) have taken their toll. But enough of that...let's jump into the world of Linux.

You may have noticed over the past couple of months that a number of security holes have popped up in several Linux applications and components.  Problems with Sendmail and zlib are probably the most recent. A friend of mine asked me if I thought that this meant that Linux had some serious security issues. My answer to him, and to others who raise the question is that I don't think that Linux is any less secure now than it's ever been. I guess that sounds like circular reasoning, but actually I think that Linux, as a network operating system is one of the most secure and reliable ones, as long as it is configured correctly. And that's what I want to talk about in this Letter.

I use RedHat Linux, primarily because it's what I've been using for so long, but also because I find that it is easy to configure and includes an updating feature. Also, since the latest version (7.2 as of this writing) I think that RedHat has paid much more attention to security related issues.  In particular, the default installation of the software turns off much of the unnecessary server functionality. After all, if you're running Linux on the desktop, you probably don't need an ftp or telnet server running, right?  In my mind, every service that your system makes available on the Internet is just one more opportunity for your system to be exploited, and not in your favor, either!

I haven't had the opportunity to try out the firewall features in RedHat 7.2, but I do think that the inclusion of that sort of thing is a very good thing. Even if it's used as nothing more than a personal firewall, a la ZoneAlarm, some protection and awareness is better than none.

But what about the security issues? I'm not going to compare Linux's with any other operating system's problems...that's been done ad nauseum. But I do think that when these kind of problems pop up on an open source platform, fixes happen much more quickly. Maybe there are political reasons (no need to create the right spin or point fingers) or maybe it's just that nebulous "pride of creation" thing, where a programmer quickly fixes the problem in "his" software out of a sense of rightness. Nonetheless, problems do get fixed, and, it seems to me, quickly. No, I don't have any scientific evidence to back this up...just anecdotal, from reports I've read and people I've spoken to.

But here's the crux of the situation: If a program has a vulnerability and a patch or update is issued, it's up to you to install it and keep your system secure. Microsoft certainly has a great thing going with their Windows Update feature. I'll admit that I let Windows XP's update feature take care of its business in the background. But what about Linux?

RedHat offers the RedHat Network (RHN). RHN works using either a desktop application or a daemon to allow you to download and install the latest updates. The hitch is that the program costs money. It's not a lot, maybe 5 bucks a month, but it does cost. The benefit, of course, is that you
don't have to do all of the work to keep your system current and (hopefully) secure. The drawback is, of course, that it costs money. Obviously programs like this cost money to implement and run. Microsoft can support its update program by including its costs in the price of their software.  Since much of RedHat's software is given away for free, it's a little more difficult to provide that service for nothing.

I'm not aware of any other Linux distribution that has this sort of update feature. Somebody else probably does something similar, and I'm sure I'll hear about it in the next few days.

RedHat's RHN works with versions of their operating system from 6.2 to the latest. You can try out a limited version by heading over to <https://rhn.redhat.com>.

Don't be a victim of a security breach...no matter what operating system you use, it's absolutely critical to keep your system current!

Happy computing!

Drew Dunn


Get your free email account...  TODAY!!!


The Power

[an error occurred while processing this directive]

[an error occurred while processing this directive]