Microsoft plans Windows overhaul to fight hackers - Page 2
Page 2 of 7 FirstFirst 1234 ... LastLast
Results 11 to 20 of 62

Thread: Microsoft plans Windows overhaul to fight hackers

  1. #11
    Banned
    Join Date
    Oct 2002
    Posts
    133
    LOL, you just described windows......

  2. #12
    Banned
    Join Date
    May 2003
    Posts
    1,004
    nate_k9.... it is uneducated, loud mouthed users like you that drag this and sites like it down.

    Go read a book or two.

    catch

  3. #13
    Banned
    Join Date
    Oct 2002
    Posts
    133
    Catch, I suggest you go and read here http://www.linux-tutorial.info/Linux...the_Myths.html , oh, thanks for the Neg AP's by the way. Its people like you who bring sites like this down by doing things like negging people for their opinions, especially when their not yours. Oh, I went and did "my research" and here is what I have found.
    Linux Kernel
    Advantages

    * Change parameters easily.
    * Dynamic module(driver) loading.
    * Change parameters such as IRQ/DMA when booting .(i.e for HW conflicts and you want to test different configuration)
    * Both hard and soft link.
    * You can name files/directory whatever you own want and Linux doesn't care.
    * Rebooting is only for hardware upgrades.
    * Linux is "unlimited" in how many drives you can connect.
    * Linux allows you to connect drives where you need to.
    * Can access any hardware directly through the device nodes, which is great for trouble shooting.
    * Has drivers for more kinds of hardware (e.g. ISDN, CD writer).
    * Many things that require a reboot in NT, do not in Linux.
    * A large number of drivers are available as loadable modules. You load them when needed and they do not take up as much resources.
    * As root (administrator)you can do what you need to. You have complete control over the system
    * Linux will run on 386, 486, Pentium PPro etc.
    * Can disable a driver without having it be removed from your system. (i.e the files are not deleted from the filesystem)
    * Can change kernel parameters to suite your needs.
    * Can change the priority of processes as needed.
    * Multiple copies of the kernel kept on your system. Even if you do mess up, you can use a previous version to boot and recover.
    * Can boot from a floppy to recover a screwy kernel if necessary.
    * Linux dynamic libraries have version numbers in their names to make it easy to keep older copies for backward compatibility.
    * Support for serial consoles
    * Wide range of boot options, which you can either pre-configure or set at boot-time.
    * Run-levels allow you to create different configurations to start up the services you need.

    Disadvantages

    * When you do need to add a driver the relink of the kernel takes a fairly long time as it must recompile as well as relink the kernel. You could compile what you needed and then relink by hand, but the requires more experience than the average user has. (However, use modules as you can then update drivers without having to reboot.)

    NT
    Advantages

    * Adding a driver is fairly quick.
    * Can compress entire filesystems or single directories

    Disadvantages

    * Only a few parameters changeable by tools some changeable in registry. (If you can find the right entry)
    * No dynamic loading or drives. Must reboot every time!1
    * Cannot change the hardware parameters while booting. You can modify the boot.ini but you have to boot first, modify it and then reboot.
    * Only soft links, which are not even supported by some Microsoft applications such as Internet Information Server.
    * Changes file/dir names on it's own (it knows better). I named a directory OLD, NT changed it to: Old. 2
    * Reboot for everything: add driver, change IP address, change host name
    * NT is limited to 23 additional drive letters (A,B,C are already taken). 3
    * The concept of device nodes, does not exist in NT. You are blocked from doing anything other than what Microsoft thinks is best.4 Although there may be a device driver in the system for a particular piece of hardware, under NT you cannot access it without some specialized software.
    * When connecting network drives, you can only connect them as drive letters, not on arbitrary directories. (This is changed with the Active Directory, but only Windows 2000 can use them.)
    * Has drivers for more specific models of hardware.
    * When you add a driver, change an IP address, etc, you are told that you need to reboot before the changes take effect and asked if you want to reboot now. Click the wrong button and there is no way to stop it.
    * As the administrator you just think you can do anything. Often the system will not allow you to do things you need to.
    * Kernel Parameters: NT has only a few settings for "performance". 5
    * Cannot change the priority of processes as needed.
    * There is only one copy of "the kernel", if it (i.e. the registry) gets screwed up so you cannot boot, you have to reinstall.
    * Cannot boot from a floppy to recover. You musthave a copy of the most recent registry and cannot restore from tape.
    * Have no choice as to which DLLs to keep during an upgrade. (Unless you do it by hand.)
    * No support for serial console. (It's the GUI or nothing!)
    * Extremely limited number of boot options. Almost no control over how the system boots.
    * No run-levels. Must manually stop and start services.
    * Very poor memory management.6

    NT is designed as a file and print server. Despite the fact that certain applications (particularly databases) run "on behalf" of a user, it is not a multi-user system. Helen Custer even says this in her Microsoft Press book Inside Windows NT. If you have 10 people running an application on 10 Windows PC, there are 10 copies of it in memory (one per PC). If a similar application is running on a Linux machine and users are accessing via X, there will only one copy in memory. The UNIX memory management will keep track of the text segment/region so that it is shared among all the users. This means less total memory for the system. In addition, non-NT machines must load the entire program into memory (not counting DLLs), whereas Linux just brings in what is needed. This means the total memory requirements for the system is even less.

    Linux will run on more than five times as many platforms as NT. If you want a particular configuration, you can get it. Real-time is also possible. Even if you have a 286, you can run Linux.

    Compatibility
    Linux

    * Can access DOS/Windows/NT filesystems
    * Compatibility with any version of UNIX
    * X is an open standard
    * Many Windows programs run under UNIX (via dosemu, wine)1
    * Scripts written on Linux will run almost always unchanged on another version and vis-versa
    * Backups are compatible between different distributions of Linux and versions of UNIX, as well as other Systems (except NT).

    NT

    * Access to any UNIX filesystems is extremely limited (except via NFS)2
    * NT GUI is closed, propriatary
    * No UNIX programs run under NT (This does not count ones that you port.)2
    * Batch scripts written on NT are not necessarily compatible with those on Win95, WFW or DOS
    * NTBACKUP only works on NT and often the tapes cannot be moved from one machine to another, especially if they are different manufacturers.

    The NT Challenge
    Administering a Windows NT system is a "challenge" at best. So much is hidden from the administrator and often you need to dig through cryptic registry entries. However, as g@revolutionist.com said to me: "It is expected of NT support folks to do much of their work in the registry." Which means NT administrators are "expected" to waste much of their time hunting for things that are easily accomplished in Linux.

    Admittedly I do not know everything about Windows NT. However, it is required for my job and I am frequently confronted with the limitations of NT. To be fair, this might simply be because the functionality I need is hidden somewhere and I have never run across it. Therefore; I have come up with the challenge page to challenge anyone to give me an easy solution to these problems.

    The problems:

    * Tool to change the priority of process/task when it is started (i.e. not through task manager).
    * Restrict a user from logging in more than once.
    * Boot from a floppy and restore an NT system without having to install a temporary copy of the OS first.
    * Multiple configurations which define different services to start. Select which of these configurations to run at boot time.
    * Determine who has a specific file open without having to search by hand in the server manager.


    Network and Communication
    Linux
    Advantages

    * Automounter does not exist under NT. (Automatically mount filesystems when a directory is accessed.)1
    * Using telnet & NFS together can install a new OS on the system and the next time the system is booted, it has the new system. /usr/src could be NFS mounted to a machine with the most current version of the kernel when you relink (via telnet) you get the new OS on the local system.
    * NFS to mount all of the directories, so that there is a single location for all of the shared files. For example, all of /usr. By having just the programs in /bin and /sbin that are needed to boot, these too could be NFS mounted.
    * Using NFS, you can even have complete NFS root filesystem. Therefore, your hard disk can be very small, maybe even just enough to swap on. Although drives under a few hundred MB are no longer available new, you can buy an older machine. Linux can run well on less RAM than NT. You could even boot from a floppy.
    * Change host or domain name on a running system.UNIX
    * Can provide shared resources for Windows machines.
    * Choice of FREE mail readers

    Disadvantages

    * Few applications to access files on remote machines (without using NFS). (rcp, rcmd, rsh)

    NT
    Advantages

    * Being able to access a file with Universal Naming Converntion names is nice (i.e \\server\share\path).

    Disadvantages

    * Files on network drives are often stored under the UNC name, which means they are no longer accessible if moved to a different server.
    * No remote installation.
    * Difficult (impossible?) to have system files on a remote drive.
    * Must have the physical space locally to boot plus space for the swap file.
    * Have to pay extra for Exchange client
    I'm not going to waste anymore space proving the many Adantages of Linux, If you want to know about the Security go here http://www.linux-tutorial.info/Linux...Security.html.
    Catch, I suggest you do your research before you go negging me for saying the truth. Why else would countless Fortune 500 companies use Linux instead of M$ products. Do YOUR research.
    nate

  4. #14
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Oh Nate... sad foolish boy.

    Looking to a linux site for Linux advantages? Gee... ever heard the phrase "consider the source"? And the negative anti-points? make a stupid comment and you get negged.

    But I will for the sake of you and anyone else reading this I will correct this garbage.

    I am not going to worry about all the non-security related garbage since this is a security related thread.

    "As root (administrator)you can do what you need to. You have complete control over the system"
    This is a huge weakness, that I pointed out: "The enormous hole of a super user account? " And here this Linux idiot points it out as a good thing. This explains the quality of the system. You people wouldn't know good design if it bite you on the nose.

    "As the administrator you just think you can do anything. Often the system will not allow you to do things you need to."
    Yeah... like delete the logs.

    Ok, since none of the rest of your post touched on security it is more or less moot and off subject, however... since it is so riddled with flaws, allow me to poin a few out. (I am only going to point out the ones that require minimal knowledge of NT and not things like dynamic kernel devices):

    Cannot change the priority of processes as needed.
    Task manager > select a process > right click > change priority
    Has the person who wrote this ever even used Windows? But wait... what is this?
    Tool to change the priority of process/task when it is started (i.e. not through task manager).
    So he knows about this method... then why did he lie? Why has no one else mentioned this lie?


    There is only one copy of "the kernel", if it (i.e. the registry) gets screwed up so you cannot boot, you have to reinstall.
    NT uses a microkernel architecture and is unchangable by subjects or the registry. This clearly show a total lack of understand of NT's basic architecture.

    If you have 10 people running an application on 10 Windows PC, there are 10 copies of it in memory
    This is a threading issue, not an NT issue... I have one instance of inetinfo.exe while having many clients accessing http, ftp, nntp, and smpt. How many instances of Apache !.x do you have running with no one connected?

    So far I'd guess that not a single thing point on your list has been made by anyone with even a city college level of computer education. Let's keep looking...

    Administering a Windows NT system is a "challenge" at best. So much is hidden from the administrator and often you need to dig through cryptic registry entries.
    It's all clear now... they admit that they are clueless as far as NT is concerned. Interesting source to quote... maybe he should read a book too.

    No remote installation.
    *sigh* The most Jr level NT admin knows better.

    Difficult (impossible?) to have system files on a remote drive.
    Ok... I give up... this is hopeless. The person you quoted is just plain uneducated and failed to touch on security at all directly.

    Maybe you should look up Win2000's and Linux's ISO15408/Common Criteria evaluations and stop reading propaganda.

    Why else would countless Fortune 500 companies use Linux instead of M$ products. Do YOUR research.
    Really? How many of the fortune 500 companies don't use NT? General Electric, Citigroup, ExxonMobil, AIG, Bank of America, Wal-Mart, Fannie Mae, Verizon, IBM, and Altria Group all use NT. Perhaps you were thinking of a different fortune 500?

    catch

  5. #15
    Junior Member
    Join Date
    Oct 2003
    Posts
    1
    Even though I use win2k for personal use( multimedia, gaming, etc... ), I'm an avid backer of most *nix's. Particularly OpenBSD. However, one key point that both nate and catch have overlooked is that linux has one key advantage that windows cant even hold a candle to; Linux's community is composed of some of the best hackers and programmers in the world working on it constantly and it only gets better on a monthly basis. What does microsoft have? a few cracks with an MCSE and A+ certification who "didnt know what they wanted to do in college so they thought they'd try that 'computer thing' as a source of income" or so it seems. Because they certainly dont care a whole lot about their OSes. If you're already enraged by reading this and you're already coming up with some witty retort about windows being the best OS ever consider this: all it takes to break into a windows machine is an 11-year-old-kid and the 'net use' command. And sure, root access to a linux machine can be devastating but what does it take to achieve that? A lot more homework than it takes to break into a windows box.

    -Rob

  6. #16
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    the ultimate security of the system is the end user (or the admin.).
    As for the M$ bashing.. no bloody operating system is perfect.. if we had no windows and M$ to bash.. it would be Red Hat vs SuSe Vs BSD vs Mandrake Vs OSX.. childeren will be childeren.. "mine is bigger than Yours"

    Linux strength is currently it's potential weakness.. (pleas note potential in that statement..) it is the volinteer coders and organisers.. out side that.. I play with win and 3 skins of linux love the journey..

    And back to the original post.. very interesting.. but true experimenters being as they are.. holes will be found..

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  7. #17
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    332
    Und3ertak3r- I am going to have to agree with you here. If there is such a problem with an OS, don't use it. It really doesn't matter. Does it?

    I've been using windows since 3.1. Lots of DOS (no kiddies not denial of service) this was before you. *LOL* I have been with Windows ever since. Just in the last year or so have I picked up *nix. Currently I experiment with Knoppix, OpenBSD, and RedHat. Might not be much. But hey least I have the desire to learn.

    Seems that at least once a month we have this **** about MS vs. *nix. So one may be more subject to viruses, one may be more subject to vulnerabilities; as far as I can tell they all have there fair share of problems and limitations.

    If you know so much why not write your own OS? Till then have a coke and a smile, and shut the hell up. At this point in technology, we are developing it faster than we can understand it.

    My point?
    Pick your poision.
    Your heart was talking, not your mind.
    -Tiger Shark

  8. #18
    Banned
    Join Date
    May 2003
    Posts
    1,004
    If you know so much why not write your own OS? Till then have a coke and a smile, and shut the hell up. At this point in technology, we are developing it faster than we can understand it.
    Heh... a few things about this.

    1. I have played a developmental and auditing role in several operating systems as well as OS feasibility studies.
    2. At this point in technology we are reinventing everything in a dumbed down manner so that the masses can appreciate it. (did you know that the first provably secure OS was designed while Jimmy Carter was president of the US?) Operating systems are not all
    3. Just because you do not understand something, does not mean that "we" do not understand it. Just as it is not ok for me to assume that you don't understand something just because I don't, when you start defining reality based on your level of knowledge, the universe gets very small very fast.

    Lastly, back to the original point... it is not a matter of what is better X or Y, it is a matter of having impartial, factual data made availible so that people can choose what meets their needs. Without good information, it's all just shots in the dark, doesn't matter if you are comparing NT v Linux, HP-VV v MVS, or STOP v KSOS, hell even Ford v Honda... anything objectivity is paramount.

    catch

  9. #19
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    332
    when you start defining reality based on your level of knowledge, the universe gets very small very fast.
    Reality? Level of Knowledge? Apparently you see yourself as being above me. People like you are the reason things like racism exist. You just assume you are better than me. Yet you pull the blanket over your eyes, and blame the world for not being on your level. Your problem is you can't see past yourself. I know that my reality is what I make it. Not what people like you tell me it is.

    Just because you do not understand something, does not mean that "we" do not understand it. Just as it is not ok for me to assume that you don't understand something just because I don't
    Yet you have assumed many things already. You have dumbed down things? Then you go on to talk about good information. Doesn't that contradict itself? Let's dumb something down, yet release good information?

    Back to my original point. You do not understand technology. Your knowledge is based on percentages, Probability, and the false idea that you can perfect something. Nothing is perfect.
    My argument here isn't even perfect.

    One thing that seperates me from you. I listen to what other people have to say. You stand before the mirror and then you don't even hear yourself. Then still seem to be more impressed with what you have done, rather than what you can teach.
    Your heart was talking, not your mind.
    -Tiger Shark

  10. #20
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Reality? Level of Knowledge? Apparently you see yourself as being above me. People like you are the reason things like racism exist. You just assume you are better than me. Yet you pull the blanket over your eyes, and blame the world for not being on your level. Your problem is you can't see past yourself. I know that my reality is what I make it. Not what people like you tell me it is.
    If that makes you feel better. I simply stated that when people start defining reality by their level of knowledge the world view (universe) gets very small. If you wish this to be a personal attack it can be, though I feel pity for your need to turn a philosophical ideal into an insult against you.

    Yet you have assumed many things already. You have dumbed down things? Then you go on to talk about good information. Doesn't that contradict itself? Let's dumb something down, yet release good information?
    Where did I say I've dumbed things down? I said that the moajority of modern technology is simply dumbed down versions of things that already exist. This is especially true in computers:

    Modern programming langauges are dumbed down issues of older programming languages.
    HTML and XML are dumbed down versions of SGML.
    Linux is a dumbed down commercial UN*X (compare it to AIX for simplicity)

    This is of course consumer technology, the new dev stuff is not always this way, but no part of this conversation struck me as being about bleeding edge technology.

    Back to my original point. You do not understand technology. Your knowledge is based on percentages, Probability, and the false idea that you can perfect something. Nothing is perfect.
    My argument here isn't even perfect.
    Computers are nothing more than a collection of finitie logical switches. It is not only possible to make something perfectly secure, but it has already been done by the good people at Ford Aerospace.

    One thing that seperates me from you. I listen to what other people have to say. You stand before the mirror and then you don't even hear yourself. Then still seem to be more impressed with what you have done, rather than what you can teach.
    Again with the teaching... why is it my job to teach just because I am educated? I am here to engage in security related conversation, to freely offer adive on problems, and to correct information that I know is incorrect. I find it both amusing and wholely inappropriate fo you to think that you can even attempt, much less have the right to attempt to analyze in this regard, but again... I guess you'll do what you need to do to feel more comfortable about the situation.

    catch

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •