Quote:
Originally posted by Varius
Well, first we run FreeBSD which is less exploited than Windows/Linux to my knowledge.
Second, none of our servers have external IP addresses, so they cannot be reached. He would have to exploit our BigIP F5s, which is quite difficult to do.
|
Well see above .. if the employees have physical access then your security is dead. You have none. Even if it's on a local network.
As for FreeBSD .. I wouldn't count on your OS choice for protection. Especially because FreeBSD and Linux run mostly the same software. For example, if you're using Apache then Apache is Apache .. it doesn't matter what operating system you're using.
It mostly comes down to two things.. 1) how the machine was configured and 2) are there any exploitable bugs in the code for any of the software that you're running.
The only exception to the above is OpenBSD. It has a reputation for security because every single piece of software in the default install is audited to try and weed out exploitable bugs .. and the guys behind it know their shit when it comes to security so the default install is automatically configured to be lock-tight. However, if you install third-party software then that paradigm goes down the drain.