Page 12 of 24 FirstFirst ... 2101112131422 ... LastLast
Results 111 to 120 of 240

Thread: Is Windows more secure than BSD/Gnu/Linux/UNIX?

  1. #111
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542
    I strongly think that two points are a main factor in choosing an OS with security in mind:

    - first: knowledge of admins / powerusers
    If you have no clue about *nix but are highly skilled in Win systems than choosing linux cause "it's more secure" is completly foolish and vice versa.

    - second: function of the system
    For instance, a few years ago I had a proxy-server/gateway/firewall running on a WinNT system, almost every 24 hours it crashed for some reason, mostly virus problems, DoS and other ****... I replaced that particular server with a linux box, almost the same functionality with half the hardware, and that little setup (once configured right) ran for months, even years without a crash.

    It's all about use and perception...

    for El-Half: about mainframes -> those things are stable and they evolved too, for instance look at the SYSTEM/390 (S/390) and Z series market... Although the market of those is declining, cause many entreprises are migrating to open platform environments. IBM is still going to offer support to at least march 2007.
    S/390 and Z series mainframe-servers can be considered as the most reliable platforms around and you can run Linux on those big boxes! http://oss.software.ibm.com/linux390/index.shtml
    About the advantages of linux on mainframe servers: http://www-1.ibm.com/servers/eserver...nux/about.html

  2. #112
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Man I miss this thread. Hmm, I'll bump it up and give people new here a chance too take part in it and et more opinions.

    OK, How about this:

    Slackware 10, no firewall, all services shut down.

    Would someone be able too get in? Or would the fact that there is nothing running stop them? How do you break into something that isn't running?


    OK, same machine:

    Machine now has IPtables not allowing any traffic too the services. Does this really matter? Is it anymore secure now that it has that?

    Again:

    Machine is now running A Firewall for Linux, like, for example, the Shorewall application. No traffic is alloud, but remember the ports already have services shut down. Now the machine has already been updated and all patches are installed. Is this any more secure than without the firewall? Is it less secure? think about it, it's running MORE software now, the firewall. So is running the firewall actually possibly making it less secure because its another application running? Or does it make it more secure?

    Heh, NOW discuss some more

  3. #113
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Slackware 10, no firewall, all services shut down.

    Would someone be able too get in? Or would the fact that there is nothing running stop them? How do you break into something that isn't running?

    what do you mean on that config? a stand alone workstation perhaps? or it can start requests, such as http, telnet, etc?

    did you comment out every port on *nix conf? inetd (or something like that) is down?
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  4. #114
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Everything commented out, and any running services shut down that may be running before. No services are running, and upon boot up, after installation, SSH and Apache were shut off which sometimes run by default, they were shut down, and none no longer start up, as they were commented out and no longer start upon boot.

    So what do you think? No services at all, but it's on a LAN with a connection too the Internet.

  5. #115
    Senior Member
    Join Date
    Jan 2004
    Location
    Hawaii
    Posts
    351
    More people use Windows, therefore people take time to actually write viruses/exploits for the OS. Why would they exploit Linux when there's only 10% of the processing power in use when compared to MS boxes? Many Linux distros are far from perfect.

    Windows insecurity is not a Microsoft issue, it's a retarded-user issue. If more people knew what "services.msc" was and what services were unneeded, the OS could become a brick wall assuming the firewall is enabled.

    MS is still doing the best it can to suppress vulnerability issues. That's why SP2 does not check for pirated copies of Windows...because it is a necessary update for Windows.

    A_T
    Geek isn't just a four-letter word; it's a six-figure income.

  6. #116
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Originally posted here by gore
    Slackware 10, no firewall, all services shut down.
    Would someone be able too get in? Or would the fact that there is nothing running stop them? How do you break into something that isn't running?
    You can break into machines that aren't running services, yes. Remember, there's always two pieces to most networked code: Client software, and Server software. If you can't break in via the server software, you still have the client stuff as an avenue of attack.

    Originally posted here by AxessTerminated
    More people use Windows, therefore people take time to actually write viruses/exploits for the OS. Why would they exploit Linux when there's only 10% of the processing power in use when compared to MS boxes? Many Linux distros are far from perfect.
    Umm, Linux isn't only 10% of the processing power in the server world. In fact, it is a large portion of all webservers, which are among the most popular targets. Estimating installed base with Linux is hard, and even with Windows the numbers are inaccurate, and generally referenced by OEM Desktop sales bundled with Windows.

    Windows insecurity is not a Microsoft issue, it's a retarded-user issue. If more people knew what "services.msc" was and what services were unneeded, the OS could become a brick wall assuming the firewall is enabled.
    I'd argue the opposite with references to bugs like the IIS exploit that allowed privilege escalation. It is really a combination of the two.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  7. #117
    Banned
    Join Date
    Nov 2003
    Posts
    1,161
    I don't think any linux system has been formally validated at this time to handle data above unclassified. As I am sure you are aware there are standards that organizations must follow when dealing with data above the unclassified level. (By the way, NT does qualify)

  8. #118
    Member
    Join Date
    Sep 2004
    Posts
    77
    No doubt *Nix OSes are more secure as compared to the WIdows because of the Open source factor. It is harder to hide viruses in the code for *nix OSes. Windows is provided by a single party Microsoft, the so called giant inthe software biz. It is its own sole responsiblity to fix the bugs which remain in their software. But for *nix there is no one responsible out there for bug fixing issues. If there is someone out there, Then do drop a message about it.

    But administration in Windows 2000 is more sophisticated because of Windows Active Directory Services. Does any *nix system has any equivalent to this thing. The beauty that this costly OS has in it its marvellous support over the network. Integration of various security mechanisms in one wonderful framework called Windows Active DIrectory Services.

    No. of applications don't count for the usefulness of an Operating System. Consider them when it comes to ease of use, user friendliness, sole responsibily for the professional creators for any bugs. So windows provides all that. Keep in mind that upto this point Windows is many step ahead of other OSs. The need is there to make it a bit open sourced so that even the amateur programmers can also tweak the bugs for themselves

    This is an important thread initiated. There must be some discussion on the issue. Further comments are awaited. I

  9. #119
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Originally posted here by gore
    Everything commented out, and any running services shut down that may be running before. No services are running, and upon boot up, after installation, SSH and Apache were shut off which sometimes run by default, they were shut down, and none no longer start up, as they were commented out and no longer start upon boot.

    So what do you think? No services at all, but it's on a LAN with a connection too the Internet.
    so you have an "equivalent" config of an firewall protected machine that allows connections (being started) from inside, but not from outside.

    However, since you start connections from inside, you open your "guard" and you can get some kind of malware on those connections. And because you dont have any other protection, that malware can OPEN connections to outside and doom your machine.

    On the other hand, i cant see an easy a way to attack you machine if you dont have a previous "channel" with the attacker. BUt you can receive DoS attacks, since your machine has tcp/ip stack active. Im not sure if anyone can compromise tcp/ip stack per se and get some kind of priv escalation since you dont have anything inside it to be "valuable" to be infected (such as a daemon).
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  10. #120
    Senior Member
    Join Date
    Dec 2003
    Posts
    121
    blah blah blah!Why do you care so much about what your box is going to run???I use linux for about a year,I don't understand why gore is so stupid to start discussions about meaningless,infinite.time-consuming,ball-cracking subjects...I ve learnt that if a guy (or a girl) or even better a company still wants to use windows after having the opportunity to see what linux looks like then you should let them...I don't care about convincing anyone that linux is better....stay with your commercial,closed source('i got bugs,i got useless code that wastes your memo,i send info of yours to M$ but you will never going to find about it!!'-programs) memory-wasting,Gates-enriching,poor-performance,IE-infected,WMP-infected,crappy,buggy,shitty Windows and just remember:
    -you will alway have to reboot
    -you will always have to re-install them
    -you will always have to see svhost-eating your memory
    -you will always have to run antivirus checks on Sunday mornings
    -you will always have to purchase good antivirus software,good firewall software,good spyware cleaning software,a good program to watch movies, burn CD's,record audio,edit images,partition your hard drive,listen to music(media player SUCKS)
    -you will always have to pay
    -you will always have to be screwed
    -you will always be a loser
    -you will never get the chance how it is to work on a real Operating System not on an accident called windows...
    PS:just keep on supporting M$ suckers!
    Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
    Screw you guys I am going home!-Kartman

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •