cariboo907Why do you suggest using a bsd over linux if a user wants to be really paranoid/secure?
User:To friend or not to friend--that is the question:
Whether 'tis nobler to take an arrow to the knee or to suffer
the slights and add's of outrageous fortune
Or to take arms against a sea of trolls And by opposing feed them. www.evicsis.com
The BSD's and especially OpenBSD are designed for security by default, all the packages are audited, and as bug free and free from security holes as possible. The trade-off is that for the average user it is much harder to install and configure than a Linux installation. For more info, have a look here.
All DEFAULT install packages are audited ( it includes Apache, Bind, Sendmail and few others ). Other packages and ports - may be audited. Install ( and configuration ) is really easy and quick. Though for advanced user only - you need to know what are you doing.
Under Windows, whether its a dual-boot system or not, make it more like Linux. End your days of working, especially online, as root. If you have an account set up exactly how you want it (and it's an administrator account), create a new administrator account, password protected, of course. Then use that new account to demote your regular account to a limited acccount (XP terminology) or a standard acccount (Win 7 terminology). Under Windows 7 Home Premium if anything attempts to install in your standard account, you're prompted for a password. In Win 7 Professional or Ultimate, you have to log into the administrator account to install anything. The bottom line is use your standard/limited account for most everything. Only use the admin account when you have to.
I do like the idea of sticking Windows into a virtual box though. Never tried that.
===========
Kubuntu 22.04 LTS, (Win 7 & Win 2K in VirtualBox)
As said, only the *default* installation of OpenBSD is audited to that extent. As this is for a desktop system there is a massive amount of attack surface that will be installed after installation - impractical to vet all of it. I consider a properly configured Linux to be more secure than a properly configured OpenBSD/*BSD.
@chain,
You can secure Windows decently, especially if you only use it for games. Set up EMET 4.0 and disable any services not necessary for LoL (many, I'd imagine).
sig
I found this article, http://aboutthebsds.wordpress.com/20.../bsd-vs-linux/
Basically it says BSD is crap in terms of usability and its security (e.g software audit) is exaggerated way out of proportion by a small group of hardcore advocates. Obviously very partisan but I have no idea how much is accurate since I never use BSD. Maybe more knowledgeable people here can weigh the arguments and tell us how true (or false) they are.
The author of the article claimed
But there was no source. Is there any truth to this?On top of that, BSD project managers willingly allow spying agencies to put backdoors it thier OSes which make BSD even more insecure. An example is in 2011 where by Theo de Raadt (Head of the OpenBSD project) made an agreement with the FBI to plant a backdoor in OpenBSD, OpenSSH and PF.
Last edited by monkeybrain2012; July 17th, 2013 at 01:07 AM.
If you want to be secure, a few things first-
Here is a nice link for the OP on how NAT (well, that is what most routers have today anyways...) works: https://www.grc.com/nat/nat.htm
And to clear up the fact that NAT is not a firewall... http://security.stackexchange.com/qu...security-layer
Link about how NAPT is useful, but plain NAT is not, and how it plays a role in security : http://blog.ioshints.info/2011/12/is...y-feature.html
That said, I am a bit paranoid myself, and filter out all incoming traffic by default on both my server networks, and home network; only opening ports for my webservers, ftp servers, and established sessions. UPNP (does vyatta even have UPNP???) is also disabled
Personally, I believe that if you restrict what you actually do on your Windows computer (only boot into Windows to play game, and boot back into linux when done, .etc .etc), there is a _much_ lowered chance of getting infected/viru/hacked. I think I would be a bit more worried about a Spetsnaz team dropping through the window and stealing the computer itself
Last edited by sandyd; July 17th, 2013 at 01:59 AM.
Don't waste your energy trying to change opinions ... Do your thing, and don't care if they like it.
Bookmarks