- the level of security that is configured at installation by default
- the level of security you implement (this could also be described as how you harden the distribution)
- exactly what you wish to run on the host.
Much of your ability to do this is also enhanced or limited by the inherent security features offered by the distribution, either in the userspace or the kernel.
Personally, I like Red Hat Enterprise Linux (RHEL) since it comes with SELinux, is generally well-configured out of the box and provides most of the features I require. Bug fixes and updates are frequent and, by purchasing a license, you are able to access support services.
But RHEL does cost money. There are also distributions available for free ,of course, like Debian, Gentoo and Fedora (a Red Hat offshoot). Of the free distributions, I do have some concerns about Debian at the moment due to another compromise of one of their development servers. Most of them do tend to update fairly regularly.
Overall, when making the selection of a particular distribution you need to take into consideration cost, risk, management requirements, skills available to handle the host(s), security, ease of use, availability of required functionality and a number of other factors.
Dig Deeper on Linux system security best practices
Related Q&A from James Turnbull
A user wants to implement OSSEC on a Windows server because he has no server side Linux operating system.continue reading
Solaris 10 Trusted Extensions and SELinux are best suited to different system requirements and administrator skill sets. Our security expert explains...continue reading
Configuring spam filters Spamassassin and dspam together in the email server Postfix is easy with the resources listed by our security expert.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.