11-03-2006, 02:15 AM
11-03-2006, 08:51 AM
My company (while not large in size) will not switch to Linux due to buggy versions of the OS and unknown times for *good* patches to be released after security holes are found. I'd imagine it is that way for most companies, as Linux just has not gained the trust of the masses yet.
11-03-2006, 03:26 PM
mlb Wrote:My company (while not large in size) will not switch to Linux due to buggy versions of the OS and unknown times for *good* patches to be released after security holes are found. I'd imagine it is that way for most companies, as Linux just has not gained the trust of the masses yet.
Four words:
Red Hat Enterprise Linux
It's not free, but you're paying for official support from Red Hat, and very timely and tested patches.
Also acceptable:
SuSe Enterprise Linux (Server/Desktop)
Gentoo Linux (provides a glsa-check tool that automatically patches outstanding security bulletins... I use this on the NCAAbbs server all the time... VERY effective and easy)
Ubuntu is probably acceptable as well... I know Shuttleworth promises 5 years of support for every Ubuntu release, but I'm not entirely sure what the policy at Canonical is for patches.
In any case -- I can make a damn good argument that every major Linux vendor is better than Microsoft at patching... for the simple reason that Microsoft only patches once a month. You're not even guaranteed a zero day patch for a MAJOR exploit. How many companies are now offering 3rd party Windows zero day patches? And since Redmond patches once a month, you're seeing new storms of attacks immediately following "Patch Tuesday". You just invite hackers to have a free month to **** with machines if you tell them you're only patching once a month.
11-03-2006, 03:54 PM
Quote:By John C. Dvorak
We'll there's your problem right there... ;-)