On Mon, 24 Jan 2011, Brian Thomas wrote:

I'm looking for sysadmins who are running Koha on a Debian Linux server on a network that also runs a windows mail server and a mac server. The tech consultants who run our high school's network are fearful that adding a linux server would pose a security risk. Everything that I have read praises linux security on its own but I haven't found resources that discuss security threats between servers. I'll also be posting my question on linux listservs but I wanted to make contact with any sysadmin/librarians who have a network environment closest to our own.

If anyone knows of any good websites or books on linux security especially in mixed server environments I would be very grateful.

the real answer boils down to who maintains the linux server. Linus tends to be substantially more secure than either Windows or Mac systems, especially when you are talking about a server like you would use for Koha (i.e., not something that someone is usign as a desktop, browsing to various places on the Internet, downloading and running flash software, etc) If the linux box does not get patched when vunerabilities are discovered (including in Koha), it can become a risk. Adding a linux server is only a security problem for the other servers on the network if A. the linux server is compramized (search for linux security, RedHat and SuSE probably have good documents about how linux is very secure for this) and B. the Windows and Mac systems have vunerabilities that other machines (be they windows, mac or linux) could use to exploit the systems. So if they already have systems on the network that are available to the public, they are already in deep trouble if B is the case today. not quite what you asked for, but I hope this will help. David Lang _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha