Re: Need guidance
From: Stephen S (not_at_home.nope)
Date: Sat, 18 Sep 2004 22:43:14 -0500
in email@example.com Robb posted:
> OK, the latest critical MS security patch has me baffled as
> to why I bother with their OS. Please help me find some answers to my
> own additional FAQ questions for their 28th Sec Bull of the year.
> 23. Which Linux distro should I start with if I'm a newbie to
> it, but have been in IT for 15+ years?
If you have a Windows machine and want to try Linux I suggest either a
bootable CD or a distro that installs on a FAT32 partition, like
DragonLinux. Either way will allow you to get the feel of the OS without
having to repartition your hard drive.
> 24. How do I know what hardware to put this Linux distro with
> if I'm building a new system?
Just about every Linux distro can be scaled to run on most any hardware.
If you have plenty of ram and HD space go with the fancier GUI packages.
If you are using old hardware to try Linux on, go with a lighter windows
manager like blackbox. You have the choice of what and how much to load
at install with most distros.
> 25. How do I build a completely MS-free, Linux-based system
> that even my technophobe wife (who may freak if it doesn't
> look exactly like our old MS system) can use?
You can set the system to boot into GUI mode. It comes up with a
graphical user login and then gives each user the desktop style they
like. There is even a windows manager that tries to look as much like a
MSWindows desktop as possible.
> 26. Is Linux any better, since I'll have to depend on several
> distros and/or word of mouth to get bug/security fixes for
> it, as opposed to one company like MS?
<sigh> Here we go again...
Bug fixes for MSWindows will often have to do with vulnerabilities that
compromise the whole system while doing everyday tasks, such as browsing
the internet, or reading email. With the interconnectivity of all the MS
programs the exploits, once installed, have the keys to the system.
Bug fixes in Linux are usually for usability of a particular program. If
the problem is an exploit, you have to have that program (from among
many others) installed and usually configured a particular way for the
computer to be compromised. Also, the exploit must often be used from
the keyboard, or require some other lack of security on the machine.
Many descriptions of Linux problems state that they allow a user to run
this or that malicious code. "User" implies that the malicious intruder
already has a login name and password for the machine, or that they have
physical access to it. There are actually very few "remote" exploits for
Linux compared to MSWindows. Most of those remote exploits are easily
guarded against with basic security protocols.
As for getting the fixes or updates... I run Slackware on my server and
a laptop. I use swaret to periodically check for updates. It's an
automated package handling system that makes installing, updating, or
uninstalling a breeze.
I simply run -
- and all my installed packages are current.
> If there's a better forum for these Q's please let me know.
> Thanx in advance,
-- Stephen S. -------------------------