Foreign magazine writer talks about the advantages of Linux


21 replies to this topic

#1 kevler

    Captain

  • Member
  • 2,124 posts
  • Interests:surfing
  • Expertise:Mac OS X , HP-UX , Solaris , Linux
  • Freelance:No

Posted 04 October 2003 - 01:06 AM

QUOTE
Linux--The Most Secure OS of All?
The Few, The Proud, and The Secure

Jacqueline Emigh


Some may claim otherwise, but many insist that Linux is the most secure operating system (OS) of them all.  

Linux security advocates point to a plethora of hardened distributions and hardened kernels, for one thing. Linux administrators can also take many steps to make any distro even more secure, starting with installation procedures.

Linux practitioners have seen security as a priority from day one, according to Jim Dennis, one of the principals at Starshine.org. "Essentially, people who use Linux tend to value security over features," Dennis maintains.  

Many Linux distros, for example, come with support for transmission control protocol (TCP) wrappers compiled right in, he illustrates. "With Sun Solaris, for instance, you still have to add that."  

Dennis acknowledges that Linux is now feeling the impact of worms and viruses. By and large, though, these infections originate in the Microsoft Windows environment, he charges.  

One way to help fend off incursions is to use componentry from different code bases--such as Apache 2.0 and Apache 1.3--in putting together Web server implementations, according to Dennis. "Diversity saves us," he quips.  

Meanwhile, organizations such as banks and federal security agencies have been working for years to build hardened Linux distros and kernels. Hardened kernels include LIDS; GRSecurity; RSBAC; and LOMAC.  

In the distro category, Dennis points to Openwall Linux (OWL); SELinux; and Adamantix, a Debian derivative. Adamantix was previously known as Trusted Debian.  

SELinux, on the other hand, was developed by the National Security Agency (NSA). This hardened distro, which features a hardened kernel, is also "extremely granular," so that implementation is complex, Dennis says.  

In a two-hour session at the recent PC Expo show, and a follow-up interview later, Dennis gave wide-ranging tips on how to protect all Linux implementations from technical and network exploits.  

Security is a highly complicated matter, however, Dennis admitted. "I'm not going to make you a CISSP pro in two hours. I'm not one myself," he told attendees at PC Expo's Linux Bootcamp.  

On the installation side, Dennis recommended starting from either a CD or an isolated local area network (LAN). You should eliminate services you don't need, and place strict limits on any services you do need.  

"You can't crack a service you can't reach," Dennis said. "Bind services to specific interfaces via their config files. Use 'host allow' and 'host deny' to say who can access services, and who can't."  

When installing patches and upgrades, check vendor package signatures and/or checksums. Debian binary packages are unsigned, however. With RPMs, signature checking is optional.  

If possible, you should also run Bastille, an interactive lockdown/hardening script. Right now, Bastille supports Red Hat, SUSE, TurboLinux, Debian, and Mandrake distros, in addition to Mac OS X and HP-UX.  

Bastille may be "generic and opaque," but it's also "quick, easy, and a consolidation of best practices," according to Dennis.  

Dennis also advised installation of both AIDE and Samhain, a software project from lunapark.  

"AIDE is the new tripwire. Tripwire is old and somewhat non-free," Dennis added. For its part, Samhain features LDAP authentication, a network console, a stealth option, and daemon mode, for instance.  

"Use two," Dennis suggested. "Copy archives and checksum databases. Use bootable read only (RO) media. Add to DNS, DHCP, routers, SNORT, BB/Naslos, etc."  

Dennis also gave advice across a wide range of other security areas, including the use of "jail services" such as chroot; replacement of "deprecated protocols" such as telnet, and the role of cryptography, to name a few.

The most important thing, though, is to never let down your guard, Dennis recommended. "Stay vigilant. Complacency is dangerous," he concluded.


#2 Guest_satay_*

  • Guest

Posted 04 October 2003 - 04:22 AM

I don't dare comment on this..
because Linux is still new..

#3 Guest_Hoodlumz_*

  • Guest

Posted 04 October 2003 - 11:31 AM

That shows Linux is getting more and more attention..
Although it is still new, it could become Windows' strongest competitor..
Way to go, Linux!!!~

#4 kevler

    Captain

  • Member
  • 2,124 posts
  • Interests:surfing
  • Expertise:Mac OS X , HP-UX , Solaris , Linux
  • Freelance:No

Posted 04 October 2003 - 04:47 PM

the way I see it ...more and more companies want to promote their business ...through Linux operating system development...

as for me, I'm waiting for a local company to build a business through Linux system development ...if it's on par with a company like RedHat ....I'd salute that company ...huhuh

#5 Guest_zamri_*

  • Guest

Posted 06 October 2003 - 01:26 PM

kevler,

Doesn't KOMNAS use Linux....

#6 kevler

    Captain

  • Member
  • 2,124 posts
  • Interests:surfing
  • Expertise:Mac OS X , HP-UX , Solaris , Linux
  • Freelance:No

Posted 06 October 2003 - 01:28 PM

QUOTE
kevler,

Doesn't KOMNAS use Linux....

is that so ..??

I'm not too sure myself ...because I haven't yet seen any achievement by a local company in Linux development....huhuh

#7 Guest_zamri_*

  • Guest

Posted 06 October 2003 - 06:08 PM

kevler,

You probably don't read enough... KOMNAS (Komputer Nasional) uses Linux as its OS.. designed by MIMOS staff...

#8 Guest_momosan_*

  • Guest

Posted 06 October 2003 - 07:35 PM

So what's happening with Komnas? I haven't heard anything much about it since that fraud case involving the Egyptian.

QUOTE
FOR El Shimaa Palace Group Sdn Bhd chairman Hamdy Sakr IT, it is a long and agonising wait for a refund of his RM205,000 security deposit from the Perbadanan Komputer Nasional Berhad (Nascom).

The Egyptian businessman told The Malay Mail yesterday that he had been waiting for more than 70 days for the refund since their agreement was terminated on June 23.

“They told us to wait, and so far we have been doing just that for more than two months,” said Hamdy.

Hamdy said that since the issuance of the two bounced cheques amounting to RM205,000 several months ago, there has been no news from the computer company.

“How much longer do they expect me to wait?” asked Hamdy.

Recently, Hamdy claimed that Nascom even promised to issue them Singapore cheques to settle the matter. He refused.

El Shimaa Palace is one of 15 companies which reportedly have security deposits amounting to RM5 million with Nascom, to become vendors for the company.

So far, only two companies, including Hamdy’s, have lodged police reports.

On Aug 1, Hamdy lodged a report against the major shareholders, directors and chief executive officer (CEO) of Nascom for fraud, misrepresentation and failure to return the RM205,000 in security deposit.

He alleged that based on the misrepresentation and after being persuaded by the CEO, he had signed a supply agreement contract with the computer company on Oct 28 last year.

The contract meant that El Shimaa Palace becomes the vendor for the company.

However, after Nascom failed to conclude the purchase order eight months after the signing, Hamdy through his lawyers, cancelled the contract and at the same time, demanded the return of the security deposit.

The Malay Mail last Thursday front-paged an article headlined, RM5 million loss in computer scheme which reported that Nascom was still holding on to the RM5 million given by 15 Malaysian companies as security deposits to become its suppliers.

The money was paid to Nascom which claimed to have secured a major government contract to supply computers.

The 15 companies were asked to sign a contract supply agreement with Nascom before signing the agreement to supply the computers.

After signing the contract, the companies paid the security deposit of 10 per cent of the total value of the contract they were to sign with Nascom. After waiting for more than a year to sign the contract to supply the computers, the 15 companies terminated the agreement.

These companies then demanded a refund of their security deposits but to date, none has got the money back.


Anybody got any updates on them? They're using Linux and also can't afford to pay back. Just a little joke.

#9 Guest_ed_thix_*

  • Guest

Posted 06 October 2003 - 08:21 PM

KOMNAS isn't NASCOM, if I'm not mistaken ... KOMNAS is under DRB

NASCOM == PC SURIA
KOMNAS == 2020 <-- ask linuxlah

#10 Guest_momosan_*

  • Guest

Posted 06 October 2003 - 10:54 PM

I just visited Komnas's webpage. Komnas is under DRB HICOM while Nascom is under Pc Suria

Komnas: www.komnas.com.my Nascom: www.pcsuria.com

So what's the story with Komnas, how are the home users handling Linux on their PCs?

#11 Guest_zamri_*

  • Guest

Posted 07 October 2003 - 02:01 PM

Correction...

komnas is under DRB HICOM.. Who designed it? ..their own staff, of course..

#12 Guest_momosan_*

  • Guest

Posted 07 October 2003 - 05:30 PM

Just got a few questions playing on my mind.
Who are the target audience of Komnas 2020?

Is GNU/Linux suitable for mid range family PC ( if they also want to sell it for Home users )?

How would the PC accommodate the needs of kids to play games ( in terms that they are so used to the old style of installing and playing it ) and the stability of them playing emulated games on it?

the College / Uni students needing to use Macromedia Softwares?

Komnas 2020 is offering OpenOffice if I'm not mistaken. Have you guys recently read about Microsoft Office 2003? Here is the link:

http://slashdot.org/article.pl?sid=03/09/02/1659244

This does not only affect MS-users but as well as other competitors, such as OpenOffice. So what are you guys' plans to overcome this problem? ( In a situation where compatibility between the 2 suites is a must )

#13 ihsan

    Lieutenant

  • Operator
  • 1,341 posts
  • Gender:Male
  • Location:malaysia
  • Interests:counter-strike and playing football.
  • Expertise:MPLS, carrier networks, routing, security, multicast, FreeBSD/OpenBSD and playing football (scorer only)
  • Freelance:No

Posted 07 October 2003 - 06:52 PM

hhmmmm, apparently this guy never heard of openvms nor tandem non-stop, now hp non-stop or to a lesser extent aix on as/400.

these systems are as proprietary as any system can be. ultra expensive they are but their security track record is simply outstanding. attacks are very rare and they're a hacker's dream.

while dec vax is no longer on the market, openvms/vms has been powering the banks and mission critical systems all over the planet since before i was born, then and still is. non-stop afaik is powering the nyse servers and klse uses aix for their score/winscore system.

they are secure and ultra reliable, non-stop for example; each cpu has its own dedicated stand-by, each disk is mirrored even the os itself has failsafe mechanism.

linux, secure of them all? linux security record vis-a-vis, practically a joke. not an opinion linux fanboys wanted to hear, isn't it.

#14 Guest_momosan_*

  • Guest

Posted 07 October 2003 - 07:32 PM

Why does everybody keep on saying this is more secure than that? Basically humans are not perfect and flaws are a part of every design ( noticeable or vice versa ). Some might be less secure than others, so what do we do? Improvise its security. You want a really secure OS that nobody can penetrate, just plug off all cables, keep it inside your cabinet and lock it.

#15 Guest_zamri_*

  • Guest

Posted 08 October 2003 - 11:15 AM

momosan,
Have you used KOMNAS before ? If not, try asking people who have or try it yourself. Then, you will know...

I've never used it then I didn't know. What I know (from reading), the OS is Linux and it is customised to be easy for newbies and of course the design is targeted to home and corporate users.

#16 kevler

    Captain

  • Member
  • 2,124 posts
  • Interests:surfing
  • Expertise:Mac OS X , HP-UX , Solaris , Linux
  • Freelance:No

Posted 08 October 2003 - 01:55 PM

I don't know ...for me ...it's Linux development itself that gets looked at the most, besides the usability of Linux on every CPU introduced by a company ...hehehe

#17 mnajem

    Colonel

  • Professional Member
  • 4,570 posts
  • Gender:Male
  • Expertise:Linux
  • Freelance:Yes

Posted 05 August 2010 - 03:26 PM

this article is old, just digging it back up

#18 Jagermeist

    Sergeant Major

  • Professional Member
  • 201 posts
  • Freelance:No

Posted 05 August 2010 - 03:45 PM

mnajem, on 05 August 2010 - 03:26 PM, said:

this article is old, just digging it back up

it really is old, from the hype days, when people even put the OS name in their nicknames...that was considered really cool.
Present 2010, the local players are dead, the MIMOS OSS adventure has died too..., the MAMPU OSS drivers as well... hmmm...the company Linus Torvalds started also dead hence the few, the proud, the dead.

Market prediction for 2012 2015...mesh market, mix and match where necessary, and when things go on cloud, will it matter what OS?

OS is no longer the key differentiator, it sits on the back-end not transparent to the users, but the solution provided will be.

#19 ed_thix

    Sergeant Major

  • Member
  • 273 posts
  • Gender:Male
  • Location:Somewhere on the net..
  • Freelance:No

Posted 28 August 2010 - 04:08 PM

Hardware acceleration has arrived for web browsers (Chrome for a start). OS? Who cares.

#20 fatah

    Sergeant Major

  • Member
  • 253 posts
  • Gender:Male
  • Location:Kota Damansara
  • Expertise:Information Security, Networking, Embedded, Software Engineer
  • Freelance:Yes

Posted 15 September 2010 - 04:20 PM

could you tell us a bit about hardware acceleration for chrome (in full o/s or chromeos ???) ? :D sorry, I don't read much.
I'd like to know whether it's from the rtos/microkernel aspect, or graphic (2d/3d/video overlay) accel, or simplifying the boot process (e.g: splashtop). God knows best.

#21 Jagermeist

    Sergeant Major

  • Professional Member
  • 201 posts
  • Freelance:No

Posted 16 September 2010 - 09:25 PM

so, what happened to KOMNAS and DRB multi-million adventure with Linux?
Tech magazines in the early 2000s, just open one and there was bound to be a page with Datuk Yatina's face.
Among the mistakes, IMHO, was that these players would force gov.my, especially MoE, to become a 'customer' and roll out Linux to schools etc. without proper planning of what content etc. In the end...where did KOMNAS go, where did the Linux PCs go, where did the support go? The kids who jumped on the hype bandwagon, who knows where they went either. Some had salaries unpaid, EPF unpaid etc. Only the T-shirt is left as a memento.

Linux or OSS has its advantages no doubt, apart from cost saving bla bla bla, but it is ONLY a WORKABLE solution if the architect has thought carefully about its application, customization and long-term support. If it's a one-off, purely to prove a point - yey we save money better than proprietary, freedom etc...then what you get is outdated technology, no roadmap, no integration etc. If it's ver 1, in another 10 years it's still ver 1; when there's an expo or whatever, they show the same thing after 5 years, and go overseas proclaiming that Malaysia gov.my has increased productivity and reduced TCO by switching to OSS, but it's all hypocrisy and lies, because the Account Managers at MS, Oracle, IBM etc. keep getting fat bonuses year after year for closing deals with gov.my.

Google, taking the cue from all the hype and the mistakes, used OSS extensively, with technology roadmap, updates, integration and built an eco-system - browser, mobile, cloud, but didn't brand it as OSS, or promote software freedom, or saving money etc. They just built what people wanted; the OS was just among the ingredients.

Edited by Jagermeist, 16 September 2010 - 09:26 PM.


#22 mnajem

    Colonel

  • Professional Member
  • 4,570 posts
  • Gender:Male
  • Expertise:Linux
  • Freelance:Yes

Posted 17 September 2010 - 02:43 PM

and google to phase out googlewave, buzz is also not a really working social network too.




