-
January 9th, 2003, 11:26 PM
#11
The security of systems is only as good as the OS security knowledge that the admins posses.
I think, especially in the workforce, that there are a lot of managerial type people out there that do not understand this, and expect their employees (who possibly do not have the adequate skills) to secure servers simply by searching google and finding some documentation.
I dont think that it is as simple as that, and you certainly wont have the tightest system using this method.
SoggyBottom.
[glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]
-
January 9th, 2003, 11:34 PM
#12
lmao! zip2dip has been reading too much palemoon. (no offense palemoon)
the_JinX, msmittens, instronics, cgkanchi, soggybottom > thanks for the input
it typically comes down to the admin to batton down the hatches, so to speak. so again schoolhouse rock echoes in my head. knowledge is power.
just like water off a duck\'s back... I AM HERE.
for CMOS help, check out my CMOS tut?
-
January 9th, 2003, 11:58 PM
#13
Analysis of minds !
Its not that hard to understand !
its harder to be understod.
Same thing follows a simple thread in a thought process.We are by means simple in how we think in our learned way.I thought i didnt want to need an new thread/post to clear my opposed mind set.Well not eveything that i know or what anyone else knows can be proven to be right or wrong.Thats where it makes everything so complex.If everything that some one says is proven to be an followed path then heyyyyyyyyyyy.Guess what i could be working for Microsoft.But this is not a case,not yet besides microsoft is not my legacy of stolen property like B,Gates thinks.I am not a treath of knowing too much nor am i an opposing threath of been accused of anything then what is in the frame of laws.Antionline.com is just an media of teaching and learning.So why not keep it there.I find it humorous by few of the opposing thoughts that this site could be the new -book of revelation- I know so much about ...
Atleast i am not the sheaperd that leads anything to the dark of.........
-
January 10th, 2003, 12:30 AM
#14
Member
For the most part the replies shed light on the truth: a system 'out of the box' is not secure really at all and can only become more secure through the work of experienced and trained folk. In a company environment that technical battle rages on and part of the battle is "Which open OS is more secure?" We have seen examples of various levels of exploits for NT/W2K and *nix as well. We have also seen exploits that come up in both OSs(e.g., SNMP). Also in the company environment rages the war of how much should be done to secure a server/workstation vs. what affects the business? As far as CERT not 'finding' any new vulnerablities, it could be that we have enough to deal with already. There are still worms and viruses infecting machines with older exploits. The Gates machine is improving, but it is still far off from being able to be titled 'most secure OS.'
Every time security and *nix or NT/W2K is brought up around here, the mainframe guys laugh at us and point at their big cubes of metal.
-
January 10th, 2003, 01:11 AM
#15
Senior Member
any OS out of the box is vulnerable, and both OS's can be locked down however when you get into it *nix can be moulded to your personal needs better than Windows IMHO. however as previously stated the OS is only tool that you use the real brains behind it is the ADMINISTRATOR and it can only be as secure as the ADMIN has made it. It's not the OS
but the admin i have seen many secure Windows and *Nix boxes in my time and also have had the pleasure of talking to admin who administer windows and nix.
thanx
Just because you don\'t see it doesn\'t mean it\'s not there
-
January 10th, 2003, 03:47 AM
#16
I have to agree windows does have more live virus and varinants. Any windows sys, but I still see Bill bringing in this type of hype to discourage people from trying linux and properly securing it.
-
January 10th, 2003, 07:07 AM
#17
Very interesting discussion ..
qwerty_smith said "knowledge is power" that's really true.. i believe that and I am agree with msMItten here
It *is* possible to have a secure Windows box just as it *is* possible to have an unsecure *nix box. It is entirely depedent not on the OS but on the person that sets it up.
But I also agree with this comment from the the_JinX site
Anyone hanging a MS server out in the breeze these days should have his head examined. Nothing created by man is perfect, so yes there are Linux bugs, but the number and severity involving apps that are exposed to the internet is small, and they're fixed within hours.
Really now, if you're gonna compare Linux apples to MS apples, shouldn't you include almost all MS software too? That's certainly what gets reported on in the Linux bug lists, not just the kernel and base system, but the thousands of Linux apps as well. I wonder how many MS bugs there would be then?
Not an image or image does not exist!
Not an image or image does not exist!
-
January 10th, 2003, 02:28 PM
#18
I guess that i do owe an apology to msmittens. Indeed you are right, i guess i let my hate out on MS a bit too much and unfairly. (Which dont mean that i will ever install MS on my private puters though ), but yes, like you said, if more people do use linux now there will be many bugs to be discovered. I used Novell a long time ago, and i know that i was one of the very few to work on it. Sorry if i have said anything stupid in my last post there
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
January 10th, 2003, 02:49 PM
#19
These figures are misleading. I read somewhere that microsoft have started holding back on releasing bug fixes and disclosing vulnerabilities because Windows users are sick of updating several times a week. Microsoft apparently now has a policy of only releasing fixes for the most serious bugs and vulnerabilities, and keeping the rest of the patches for the next service pack. That's why windows update hasn't had very many critical updates listed for the past 2-3 months.
If this is true, then it explains the lack of reported windows vulnerabilities compared with unix vulnerabilities. Also, lots of the reported unix vulnerabilities don't actually affect the OS itself, just a program that's bundled with the OS, such as Sendmail, BIND, CDE, etc. With windows, the vulnerabilities tend to be serious faults with the OS itself, as windows ships with relatively few programs included.
Another thing about these figures to note: If it's true MS is holding back on patches and bug disclosures until the next service pack is ready, then these figures are meaningless. The only time figures like this could hope to be accurate would be in the intervals between service pack releases, as in from the day, say, SP-1 is released to the day SP-2 is released. When SP-2 is released, all the known bugs that have been fixed up to that point will be disclosed, so more accurate comparisons can be made.
Even so, a decent admin can do a lot to protect their networks, just by making sure only the services and programs needed are installed and running, having a good firewall ruleset, using an IDS at strategic points on the network, and enforcing a good security policy.
-
January 10th, 2003, 03:43 PM
#20
Originally posted here by instronics
I guess that i do owe an apology to msmittens. Indeed you are right, i guess i let my hate out on MS a bit too much and unfairly. (Which dont mean that i will ever install MS on my private puters though ), but yes, like you said, if more people do use linux now there will be many bugs to be discovered. I used Novell a long time ago, and i know that i was one of the very few to work on it. Sorry if i have said anything stupid in my last post there
No biggie and no need to apologize. I was more interested in pointing out that if you are going to make a comment as you did, that having facts to back up the claims helps make your comment stronger and more believable. I personally perfer Linux for the reasons that some have mentioned: the ability to configure it how I want and secure it how I want (I still need to get grsecurity patch to work.. =P .. ).
As I mentioned there are a lot of things that are not fully reported in CERT and I find that CERT tends to not publish a lot of attacks. In addition, CERT only reported NEW viruses, not existing or recurring. Code Red, Nimda, SirCam, Yaha and Klez still exist and utilize bandwidth on the Internet. Meanwhile there was one worm (slapper) that affected Apache but it was pretty minor in its exposure in the wild compared to worms like Code Red, etc. that are still running amok.
Anyways, still gets down to the admins and how responsible they feel about what happens on their servers/workstations.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|