Q

Choosing the most secure distribution

Security expert James Turnbull opines on the most secure distribution and what criteria to consider when choosing a distribution.

Which Linux distribution is the most secure? Who has the most updates for bug-fixes?
I think this is very subjective. It greatly depends on:
  • the level of security that is configured at installation by default
  • the level of security you implement (this could also be described as how you harden the distribution)
  • exactly what you wish to run on the host.

Much of your ability to do this is also enhanced or limited by the inherent security features offered by the distribution,

either in the userspace or the kernel.

Personally, I like Red Hat Enterprise Linux (RHEL) since it comes with SELinux, is generally well-configured out of the box and provides most of the features I require. Bug fixes and updates are frequent and, by purchasing a license, you are able to access support services.

But RHEL does cost money. There are also distributions available for free ,of course, like Debian, Gentoo and Fedora (a Red Hat offshoot). Of the free distributions, I do have some concerns about Debian at the moment due to another compromise of one of their development servers. Most of them do tend to update fairly regularly.

Overall, when making the selection of a particular distribution you need to take into consideration cost, risk, management requirements, skills available to handle the host(s), security, ease of use, availability of required functionality and a number of other factors.

This was first published in August 2006

Dig deeper on Linux system security best practices

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchDataCenter

SearchServerVirtualization

SearchCloudComputing

SearchEnterpriseDesktop

Close