* Posts by jmartens

1 publicly visible post • joined 17 Nov 2010

A Linux server OS that's had 11 years to improve

jmartens

Are you at all familiar with the product?

Reading your post I wonder if you did try the product. I am part of the volunteers in development and can assure you that SME Server compared to many linux distributions is pretty secure.

The distribution is geared to people who want an alternative to Microsoft SBS and have barely any or no linux knowledge. For them it would be hard to setup a secure server as they should have to know a fair amount on security and how to configure this on linux. Please keep this in mind when considering this product.

Although services are on by default you can enable some services if you like, with little effort. Part of the problem of not being able to drop Apache is that it is used for the administrative web interface.

SME Server is installed by default with very restrictive access. The shell is not accessible to the outside interface, neither is the web based management interface by default. Yes, it uses passwords, but this can easily be changed to use client-server based certificate trust, the information is in our documentation, eliminating the need for passwords (although you can also choose certificate with passwords).

Relaying mail is also denied by default as SME Server will only accept mail for it's own domains, configured on the server by the administrator.

Apart from that we have very little reports of security being broken.