Dan Harkless
Database last modified: May 20, 2005Generator: gen_form_search_db
| OS | Version | Notes | Price: CDs | Price: download | Release support lifetime | Security announce list | Security features |
|---|---|---|---|---|---|---|---|
| Adamantix (URL) | 1.0.4 | Formerly Trusted Debian. Used to require installation on top of Debian, but now has standalone install ISO. Missing some important packages like [X]Emacs and nmh, but kludgy method to install Debian version of those (without SSP protection) exists. Installer doesn't support LILO or software RAID; got stuck for me at network setup step. | [none] | free | ? | yes (general announce) | PaX, randomized PIDs / ports (not in 1.0.4), RSBAC (not in 1.0.4), SSP |
| Castle (URL) | 2.2 | Mailing lists and most documentation in Russian. The OS download is missing from the FTP site as of November 2004. | [none] | free | ? | no | Openwall kernel patch, RSBAC, etc. |
| Debian (URL) | stable / unstable | Must use a kernel patch and an alternate 3rd-party repository of packages. | [none] | free | ? | yes | SELinux |
| OS | Version | Notes | Price: CDs | Price: download | Release support lifetime | Security announce list | Security features |
| EnGarde Secure Linux (URLs: Community, Professional) | Community: 2; Professional: 1.5 | Community version limited to 10 hosted domains, doesn't support Guardian Digital Security Suite applications, and requires signup (with verifiable personal information) for Guardian Digital Secure Network (update and management service) trial subscription. | Community: [none]; Professional - Standard: $729 + $229 / year; Professional - Enterprise: $1629 + $895 / year | Community: free; Professional: [none] | ? | yes | Openwall kernel patch, web-managed security settings, etc. |
| Fedora Core (URL) | 3 | Designed to be more bleeding-edge than most distros, which is questionable for production server use. | [none] | free | 6-9 months from Fedora; ~1.5 years incl. updates from Fedora Legacy | yes | exec-shield, NX/XD? (was to be in version 3, but release notes say nothing...), SELinux |
| Hardened Gentoo (URL) | - | Not actually an OS -- just a collection of subprojects being tested by a developer team for future inclusion in Gentoo. Gentoo is a from-source distribution, which is of questionable appropriateness for a production server. | [none] | free | ? | no | Bastille, grsecurity, Prelude, RSBAC, SELinux, SSP, etc. |
| OS | Version | Notes | Price: CDs | Price: download | Release support lifetime | Security announce list | Security features |
| Immunix (URL) | 7.3 (last version released) | Originally based on Red Hat. Had some impressive features not available elsewhere, but stopped being free, and price was outrageous. Discontinued as of March 2004. | was $995 | [none] | 7.3, released December 2003, will be supported through March 2005 | yes | CryptoMark (not in 7.3), FormatGuard, RaceGuard (not in 7.3), StackGuard, SubDomain |
| Kaladix (URL) | - | Originally based on Gentoo. Project started by Jörg Lübbert, who then dropped it. In May 2003, "after a long pause [in] development", Alejandro Naifuino took it over, though no version was made available for download. Development discontinued as of May 2004. | was to be $24.99 | was to be free | ? | unused | daemons chroot()ed, PaX, RSBAC, SSP, etc. |
| OpenBSD (URL) | 3.6 | Originally based on 4.4BSD. The original (and arguably the most) secure UNIX OS. Can't boot kernel from software RAID, and hardware RAID support is very limited. No journalled filesystems. Updates to core OS components delivered only as source patches, requiring recompiles. | $45 | free (but not full ISOs -- FTP-based install) | 1 year | yes | /etc/security, audited source, daemons chroot()ed, enhanced crypto, randomized addresses / PIDs / ports, S/Key, secure defaults, securelevel, SSP, systrace, W^X |
| OS | Version | Notes | Price: CDs | Price: download | Release support lifetime | Security announce list | Security features |
| OpenNA (URL) | 1.0 | Based on Red Hat / Fedora. Supports Intel Pentium II and higher CPUs (i686) only; software fully optimized for the architecture. Developers' English often creaky. Doesn't support installing to software RAID; only includes GRUB, not LILO. GPG signature on CD RPMs done with a lost key. Missing vital software like [X]Emacs, lftp, lsof, nmh, etc. | $37.95 | free | 3 years (or may be 3 years after release of next version -- FAQ is ambiguous) | yes | daemons chroot()ed, GIPTables presets, grsecurity, secure defaults |
| Owl (AKA Openwall GNU/*/Linux -- URL) | 1.1 | Based partially on Red Hat 6.x. | $9.35; $40 with jewelcase & artwork | free | ? | no | audited source, kernel patch with non-executable stack, /proc and /tmp restrictions, etc., mtree integrity checker, pam_passwdqc password strength checker, secure defaults |
| Red Hat Enterprise Linux (URL) | 4 | Have to pay the entire OS fee each year to have access to Red Hat Network security updates. | WS: $179 Basic / $299 Standard; ES: $349 Basic / $799 Standard; AS: $1499 Basic / $2499 Standard | same as CD price | 5 years | yes | exec-shield, NX on AMD64 (3+) and XD on equipped Intel (3 Update 3+) CPUs, SELinux (4+) |
| OS | Version | Notes | Price: CDs | Price: download | Release support lifetime | Security announce list | Security features |
| SUSE LINUX (URL) | 9.2 | Traditionally had some creaky (or even missing) English due to its German origin, but Novell's acquisition should further aid with this. It has had the best printed manuals of any open source OS for some time now. | Professional: $89.95 ($59.95 as an upgrade) | free, but as of November 2004, for 9.2 only SRPMs are downloadable; FTP install available for older versions, with an ISO available only for 9.1 Personal | 2 years | yes | NX on AMD64 (in 9.1+) and XD on equipped Intel (in 9.2+) CPUs |
| Trustix (URL) | 2.2 | Originally based on Red Hat. Original developer went bankrupt, but Comodo acquired their remains. | [none] | free | ? | yes | secure defaults, swup automated updater |
With this form, you can modify display of the database. To view only selected records, type in text to search for. To omit fields, or to sort them in a different order, use the per-field radio buttons. To modify search or output behavior, use the controls at the bottom of the form.
|
Dan Harkless
Database last modified: May 20, 2005 |
Validated HTML 4.01 Transitional Generator: gen_form_search_db |