Is Ubuntu safe to try

Nimefurahi ulist at
Wed Jul 13 23:30:13 UTC 2005

Ante Karamatic Wrote: 
> On Tue, 2005-07-05 at 22:33 -0400, Nimefurahi wrote:
> > A nessus scan on it's potential vulnerabilities, as presented
> > out-of-the-box, shows it to be very secure, much more secure than
> > scores of other distributions with exception perhaps of Trustix.
> UH!!!! Big UH! Nessus is tool that can provide informations only to the
> people who know how to use it :)
> Nessus has A LOT of false positives, cause it's search is based on
> version of the daemon. It doesn't check if the hole really is there, it
> only checks versions.

That is so true, my friend. Your's is a valid observation. Nessus may
cough up many superfluous positives. But the fact remains for me that,
with a given Nessus daemon and its inherent paranoia, Ubuntu tests
better than scores of other distros that I have scrutinized. My
confidence of a given distro's vulnerability is inversely proportional
to the number of such Nessus "positives", false and otherwise. In
short, I am quite simply impressed by Ubuntu's test results in that
regard. To this date, I have not been able to hack into Ubuntu. Dare I
tell you what I can do with other distros. (I must add that I do this
out of scientific curiosity only and not for mischief or malice. I do
this as a security manager.)


More information about the ubuntu-users mailing list