|
Latest Security Developments and Best Practices are shared to help keep users safe
This article compares and contrasts the current state of security controls between these two Operating Systems.
Linux and Windows security compared http://os.newsforge.com/article.pl?sid=04/05/18/1715247
Key Linux and Windows Operating System Security Capabilities
|
Category |
Capability |
Linux |
Windows |
Qualitative Score |
|
Base security |
Authentication, access control, cryptography, audit trail/logging |
Pluggable Authentication Module, plug-in modules, Kerberos, PKI, Winbind, ACLs, LSM, SELinux, Controlled Access Protection Profile audit, kernel cryptography |
Kerberos, PKI, Access Control lists, Controlled Access Protection Profile audit, Microsoft crypto application programming interface |
Linux is superior |
|
Network security and protocols |
Authentication, layer, network layer |
OpenSSL, Open SSH, OpenLDAP, IPSec |
SSL, SSH, LDAP, AD, IPSec |
Both are comparable |
|
Application security |
Antivirus, firewalls, intrusion detection software, Web servers, email, smart card support. |
OpenAV, Panda, TrendMicro, firewall capability built into the kernel, Snort, Apache, sendmail, Postfix, PKCS 11, exec-shield |
McAfee, Symantec, Check Point, IIS, Exchange/Outlook, PCKS 11 |
Linux is somewhat superior |
|
Deployment and operations |
Installation, configuring, hardening, administration, vulnerability scanners |
Install and configuration tools, Bastille, mostly admin through command line interface, Nessus, distribution- specific Up2Date, YaST, Webmin |
Install and configuration tools come with Windows, no specific hardening tool, admin GUI, security by default has been emphasized lately |
Both are comparable |
|
Assurance |
Common Criteria Certification, flaw handling |
Linux has achieved EAL3 and has good flaw handling |
Windows has EAL4 and good flaw handling |
Windows is superior |
|
Trusted computing |
Trusted Platform Module, Trusted Computing Software Stack, instrumentation, attestation |
Trusted Platform Module device driver open sourced by IBM, Trusted Computing Group software stack is targeted for 2005 |
Next-Generation Secure Computing Base, possible availability with Longhorn 2006 |
Neither is superior |
|
Open standards |
IPSec, POSIX, Transport Layer Security, Common Criteria |
Linux meets all open standards |
Microsoft participates in open standards but has some proprietary standards. |
Linux is superior |
|
|
|