When comparing Hardened Gentoo vs NetBSD, the Slant community recommends Hardened Gentoo for most people. In the question “What are the best Linux distributions for misanthropes?” Hardened Gentoo is ranked 36th while NetBSD is ranked 102nd. The most important reason people chose Hardened Gentoo is:
Your only real options for a widely supported hardened distro are the Red Hat distros (Red Hat, CentOS, Fedora), of which Fedora is your best bet for a desktop, or Gentoo. You can make a hardened kernel in Gentoo while stripping unnecessary features, creating a much smaller attack surface, and using in-kernel mitigations others don’t.
Pros
Pro Supports custom hardened kernels
Your only real options for a widely supported hardened distro are the Red Hat distros (Red Hat, CentOS, Fedora), of which Fedora is your best bet for a desktop, or Gentoo. You can make a hardened kernel in Gentoo while stripping unnecessary features, creating a much smaller attack surface, and using in-kernel mitigations others don’t.
Pro Comprehensive hardened guide in wiki
From SELinux to PaX to AppArmor to... The wiki has got you covered.
Pro Fully customized kernel that prevents server-side malware with SSO mechanisms
Out of CentOS/RedHat/Fedora a hardened kernel is very easy to make.
Pro Best defense against NOP-sled malware, even with ROP/COP mechanisms
Out of CentOS/RedHat/Fedora/OpenSUSE/Slackware/FreeBSD/Mandriva and Arch, only Gentoo can best protect you against NOP-sled malware, even with ROP/COP mechanisms.
Pro Adhere to the standard
It adheres to traditional Unix and newly defined standards.
Pro It's Open Source
It's open source with a BSD License, which is much more business friendly than GPL. It's the real ancestor of Mac, that is being used nowadays.
Pro It's real
Under NetBSD csh is csh not tcsh; also vi is real vi not elvis, nvi or vim. It's ideal for purists.
Pro Architecture portability
It's the most portable OS in the world when considering what architectures it can run on. It runs on a very wide range of hardware, from toasters to satellites. This of course does not mean it supports drivers for many consumer-facing products, making it a difficult solution to just boot up and use when compared to other OSs.
Pro Clean source code
It prioritizes source code cleanliness over anything.
Cons
Con Lack of drivers
It lacks drivers for some new devices.