|
-
March 12th, 2004, 02:22 PM
#11
its kinda like saying that red cars have more accidents just because there are more red cars than any other color. It might have a small factual basis even though it has nothing to do with reality
-
March 12th, 2004, 03:14 PM
#12
Junior Member
Originally posted here by ZomBieMann77
its kinda like saying that red cars have more accidents just because there are more red cars than any other color.
[offtopic]
actually this has also been researched  ;
http://bmj.bmjjournals.com/cgi/conte...327&issue=7429
[/offtopic]
The Stranger: Do you have to use so many cuss words?
The Dude: What the **** you talking about?
-
March 12th, 2004, 06:40 PM
#13
- Perhaps there are more "skript-kiddie" style exploits which exist for Linux vulnerabilies, hence the "kiddies" who crack most boxes find it easier to get into a badly maintained Linux box than Windows
I find this to be a high possibility. Along with the others you mentioned. While windows machines are sometimes boring targets, they are a very different playground for kiddies than *nix is.
0.02 cents.
Be safe and stay free
Your heart was talking, not your mind.
-Tiger Shark
-
March 15th, 2004, 11:36 AM
#14
Junior Member
perhaps the default configurations on all boxes should be scaled back, removing services and users so that admins have to physically start them. I know that about half the services on my box wouldn't be there if I had to turn them on...
\"If money could talk it would say goodbye\"
-Anon
-
March 15th, 2004, 03:07 PM
#15
Note, they left systems compromised by worms of viri off the list so that they could get favorable numbers.
Who is more trustworthy then all of the gurus or Buddha’s?
-
March 15th, 2004, 07:20 PM
#16
Everyone should look for the thread that we had about one of these reports from last year. It has all of the answers people are looking for.
The term attack refers to a successful web breakin. In the report they gave out last year they used web site defacements as the trigger for a successful attack. They used a defacement tracking website like alldas.org for the statistics. So it is not actually attacked servers, but rather defaced websites.
-
March 15th, 2004, 07:37 PM
#17
Originally posted here by mohaughn
alldas.org
Actually alldas does not mirror defacements anymore. Zone-h is still providing mirroring and lists the OS of the website/machine attacked.
Cheers:
-
April 1st, 2004, 01:43 PM
#18
Incident surveys like this are just nonsensical and should never be used to compare system security. System security should only be evaluated against a predefined criteria (eg. DOD-STD-5200.28 or ISO 15408).
The same is true for the number of exploit issues surveys...
What should really give you warm fuzzies about a study like this one, is the fact that pretty much by definition, all the good attacks go unreported. These list are just admins being lazy and kiddies being bored.
catch
-
April 1st, 2004, 02:24 PM
#19
Member
Here's a finny aside.. a friend of mine called mi2g claiming he was a lawyer representing a class action suit against an ISP that failed to take steps to secure its services. (he did this after they refused any communication under his actual credentials). They opened up much more readily with information, but mainly tried to sell their reports and research; understandable, they are in business to do that. But the funny part is - they quoted higher prices to him than were published on their website.
Sketchy sketchy.
l00p
Ain't social engineering great?!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote