> My apologies. The look on the Linux peoples faces when they see all of > these OpenBSD boxes with *0* vulnerabilities compared to the 200 to 300 > of their own drove me to it. I'll not do it again. >
The problem is you are equating vulnerability scanners - which are a product of script kiddies talking to Accountants (auditors). The accountants then pass themselves off as IT experts when they are not. They then put their little "this is vulnerability" into their list of horseshit to look for on audits - even though they know nothing about it. Trust me, I know too many accountants. Saying you have a great and secure setup because you get 0 scores on vulnerability scans is like saying you have a fantastic sex life because you have a two terrabytes of porn on your basement server and an enormous box of kleenex and jar of lube. You may get to get your rocks off a lot, but it's rather missing the point - so you're going to spend a lot of time jerking off instead of basing anythig on reality.
