How Secure Will Opensuse 10.3 Be?

how secure will open suse10.3 be??there giving an option for app armer.and how good will the firewall be??if they give wine as a package will this make open sues more easily to hacking??after all it will let users be able to use some windoz programs.is that good or bad??i would like to order 10.3 but i don't know if i should because it is so new.any help with these issues are welcome.

Quote:

how secure will open suse10.3 be??there giving an option for app armer.and how good will the firewall be??if they give wine as a package will this make open sues more easily to hacking??after all it will let users be able to use some windoz programs.is that good or bad??i would like to order 10.3 but i don't know if i should because it is so new.any help with these issues are welcome.
[/b]

I don't see openSUSE-10.3 very much different from earlier 10.x versions, in terms of security.

IMHO SuSE is inherently reasonably secure, especially when compared to Windoze PCs.

Probably the biggest security aspect for an OS, and openSUSE Linux is no exception, is how the user takes care of the PCs security. In the case of Linux, do NOT log in as root (but rather use su, sudo, or kdesu on an as required basis). Have a good user and root password. Ensure ssh is well secured. Properly configure one's Linux firewall. And only install 3rd party applications from reputable sources.

As for running a Windoze application with a virus from wine, ... I recall an article once where a user tried many of the more common Windoze virus against a Linux PC (under wine). The applications crashed in pretty much all cases, although in once case on application (with the virus) did run, although the virus failed miserable to do anything.

openSuSE will be just as secure as the user makes it, most security issues i have seen have been the result of users not understanding the basic principles of security ( i.e. fiddling & not understanding what they are doing )

andy

Quote:

I don't see openSUSE-10.3 very much different from earlier 10.x versions, in terms of security.

IMHO SuSE is inherently reasonably secure, especially when compared to Windoze PCs.

Probably the biggest security aspect for an OS, and openSUSE Linux is no exception, is how the user takes care of the PCs security. In the case of Linux, do NOT log in as root (but rather use su, sudo, or kdesu on an as required basis). Have a good user and root password. Ensure ssh is well secured. Properly configure one's Linux firewall. And only install 3rd party applications from reputable sources.

As for running a Windoze application with a virus from wine, ... I recall an article once where a user tried many of the more common Windoze virus against a Linux PC (under wine). The applications crashed in pretty much all cases, although in once case on application (with the virus) did run, although the virus failed miserable to do anything.
[/b]

old wise one.so your saying that wine is ok to use with Linux??what about the app armer in 10.3??? the stuff i have been able to see says that you can do different things with it can any one help me understand this .and if it should be left as is" out of the box".would it be the same for the firewall as well???

Quote:

old wise one.so your saying that wine is ok to use with Linux??[/b]

Yes, wine is safe to use on Linux.

Quote:

what about the app armer in 10.3???[/b]

What about apparmor? You can read more about it here:
http://en.opensuse.org/Apparmor

IMHO apparmor is a pro-active security approach adopted by openSUSE. The odds of you needing to do anything special with it are very very remote.

Again, if you never operate as user root (only using "su", "sudo", "kdesu", etc ... on a minimal as required basis), and have a good user and root password, ensure ssh is well secured, properly configure your Linux firewall, and only install 3rd party applications from reputable sources you should be fine.

....

Quote:

the stuff i have been able to see says that you can do different things with it can any one help me understand this .and if it should be left as is" out of the box".[/b]

As a newbie, I don't think you need to spend any time worrying about the configuration of apparmor. Leave it "as installed".

Quote:

would it be the same for the firewall as well???[/b]

What about the firewall? Simply leave it "as is". By default the openSUSE firewall is enabled. Leave it enabled, and only open ports to the firewall on an "as required" basis.

Speaking for myself as Oldcpu and deltaflyer have said, sensible use i.e not installing everything from every where etc. I find I don't use app armour.

Now from here http://developer.novell.com/wiki/index.php/Apparmor_FAQ "<-snip->compromise systems that host critical data in the enterprise<-snip-> Plenty more there. Also here
http://en.opensuse.org/Apparmor and here http://en.wikipedia.org/wiki/AppArmor as for firewall I'd thought the defaults are good to go, as a rule you'll have only a few ports open, anyway a service needs to be running to be exploited.

The next thing is to make sure your system is regularly updated, just in case an exploit is found for a specific application.

Now if you look at a site such as http://secunia.com/ what you will see is many are low risk exploits and local exploits not remote. 9/10 I'd say are fixed by a patch or an update to newer software.

Where here you'll find Suse very good at releasing patches and security updates. As an example I know by default Suse's php is protected by the Suhosin Patch, http://www.hardened-php.net/

If you take into consideration you may behind a router, firewalls on both, with a dynamic IP running very few services I doubt you'll need to do much.

Apparmour is really for the enterprise, for example if your running web servers, php or mysql databases, really sensitive data or data that you absolutely need to keep as is. But do need the additional services that you may need running on a enterprise.

Apparmour locks down tightly the application I've not really played but think you need to give rules for each application/user/group to me it seems a little overkill on a home pc.

Apparmor rocks, but I have not seen any need for it on a home PC. I uninstalled it on my system.

Linux is inherently more secure, but any user can make it unsecure. Simply failing to do security updates is the number one way.

Quote:

Apparmor rocks, but I have not seen any need for it on a home PC. I uninstalled it on my system.

Linux is inherently more secure, but any user can make it unsecure. Simply failing to do security updates is the number one way.
[/b]

thank you all for your opinion.now i wonder if i should put it on a new computer or keep the one i got??the graphics are old i have right now on my Compaq presario with amd athlon ,2800,1.5 gig of memory,120gig hard drive.+a dvd rewriter. i would like to get a hp amd 64x2,with 3gig of memory,500gig hard drive,and g force graphics card.im unsure of what to do.any help is welcome.

Put it on the old one that you have now. If you still get a new PC, you can load it on that one too!

Quote:

Put it on the old one that you have now. If you still get a new PC, you can load it on that one too!
[/b]

ok.i will do that.how many computers can i put one boxed Linux on??and on my old computer the graphics card is old i don't think that the 3d desk top will work on it!!!should i still use the old computer??