`hardening` will depend on use case. I agree with such point of view, that security is not what you install but more state of your mind. So it's always people who are really being hacked rather than operating systems (of course this is simplification but in my opinion not that far from truth). On one security seminar presenter mentioned research that was pointing out that only ~30% of threats stopped on anti virus software, other 70% remained undetected - that gives us some clues too :-)
I'm big fan of Arch Linux and that's what I'm using, even though they do not yet fully adapt selinux nor grsec. The main reason I selected this distribution is that you build your system from bottom up resulting in bare minimum of running services, reducing plane of potential attack. Arch Linux promotes knowledge about linux mechanics - and that results in people being aware of bottlenecks and risks they may be taking.
2 comments
[ 4.3 ms ] story [ 19.1 ms ] threadI'm big fan of Arch Linux and that's what I'm using, even though they do not yet fully adapt selinux nor grsec. The main reason I selected this distribution is that you build your system from bottom up resulting in bare minimum of running services, reducing plane of potential attack. Arch Linux promotes knowledge about linux mechanics - and that results in people being aware of bottlenecks and risks they may be taking.