Im just wondering what you guys think is the securest windows OS. I know you should go for linux which i have but im just wondering what you guys think.
Printable View
Im just wondering what you guys think is the securest windows OS. I know you should go for linux which i have but im just wondering what you guys think.
i personally like windows xp (windows 2000 also).. but security depends on the administrator and his/her skill
Yeah 2k and XP are microsofts' greatest yet, still though, both need ALOT of work from installation, but that can be both a bad and a good thing.
What i mean by secutity isint like local secuirty but like which OS probably would be hardest to crack remotly.
Imho XP(pro) is their best shot jet, it has to be configured properly like said.
You an strip down a 2k also but XP has more rskit commands installed by default (which would not neccesarily be security advance). Plus XP includes a firewall by default. This is definatly an effort.
Out of the box Windows is insecure
Quote:
It is impossible to secure a computer that is not physically secure. An attacker that has physical access to a computer will eventually be able to break into it. Neither Windows 2000 nor any other operating system can change that.
http://www.microsoft.com/technet/tr...ows/Win2kHG.asp
Just to echo what has already been said...
a) I think XP Pro is the most secure of the bunch thus far
b) it depends on your knowledge level in securing it to some degree
While XP has the best security controls and features IMHO, there are still enough flaws and vulnerabilities that if it isn't kept secure and properly patched it isn't much better than Windows 9x.
The big advantage is that because it is more "natively" secure than its cousins it may be better for security novices. However, the caveat that comes with that is a false sense of security. Security novices think they're secure and don't update or maintain that security so it is just a facade.
Any system- from Windows 95 to Windows XP to Linux- is only as secure as its owner's / administrator's knowledge and skills. Some operating systems are natively more secure than others, but- when it comes down to it- its the skill level and knowledge of the person doing the securing that is more important than the platform or OS being secured.
All that said, of the Windows platforms I think that XP still offers the best native security and improved features and controls for maintaining that security. Each step has been a little more secure. We'll have to wait and see whether Windows 2003 upholds that tradition.
Which one has the most competent administrator?
You kinda need to delineate that too...... The best OS with the crappiest admin is worse than the worst OS with a competent admin.......
Based on experience, Win2K Advanced Server is so far still gets my vote, tho XP does have some improved security features compared to its desktop counterparts.
But guess what? Winows 2003 Server was just released this week!!! lol
i still have to check it out
bah....
NT has grown up, and with the time to find and patch holes is most likely more secure when set up and administered correctly. Simply due to it's age... much like the BSD unix derivatives vs some of the newer linux flavors out there. It's simply that there has been more time to find more holes.
The "Home desktop" flavors such as 95/98/ME have no business even taking place in such a discussion... they are quite sad when it comes to security.
2K has grown up a little as well, and offers a level of control that allows an admin to make changes quicker and easier than one would with NT when it comes to making some of your more obscure security minded changes. Couple that with more support for newer technologies (radius, etc) and you've got a good package.
IMHO, XP is too new, and too bloated to make me feel secure. It's addition of a firewall is a good choice, but perhaps a sad attempt at compensating for other possible flaws caused by user friendliness.... the fact is... it's a good workstation OS from a user standpoint, and so long as it's behind the lines of my networks own dedicated security measures... I have no problem running it.
but then again I'm a tool user....MS makes a great inner network for the users, Linux allows me easy rollout and very fast configuration of a good rock solid secure server... but BSD offers me proven rock solid stability at the cost of longer rollout times and less user friendliness.... Sun gives me a nice 64 bit environment to crunch with (as well as the most klunky operating system in the world) and Apple makes me want to play sim city all day....
Given all this....
Dos 6.2.2 baby
...and with those fateful words so began the nailing of the coffin for Windows NT...Quote:
Although Windows NT 4.0 is affected by this vulnerability, Microsoft is unable to provide a patch for this vulnerability for Windows NT 4.0. The architectural limitations of Windows NT 4.0 do not support the changes that would be required to remove this vulnerability. Windows NT 4.0 users are strongly encouraged to employ the workaround discussed in the FAQ below, which is to protect the NT 4.0 system with a firewall that blocks Port 135
MS03-010
I agree that because of its seniority and longevity that NT is stronger. Not only has there been more time to discover the flaws and bugs, but those who administer it have had 4 or 5 years to get comfortable with every nuance of how to manage and configure it.
Unfortunately, when they start finding vulnerabilities and just shrug their shoulders and say "well, you can always buy a good firewall" it is a sign of impending death for the operating system IMO.
Their workaround doesn't protect you internally and a good portion, if not majority of hacks and cracks occur from internal sources- disgruntled or curious employees. There will probably be more "unfixable" flaws and soon MS will just officially drop support for NT.
Open source platforms can continue to be secure because anyone with the source code and some knowledge of the vulnerability and programming can write the patch or fix. But, with a Microsoft platform, if they don't create the patch there won't be one and you can't have an OS on business-critical systems with known vulnerabilities for which there is no patch.
Just my $.02
he he....
I was waiting for someone to bring that one up!! an unpatched flaw does in fact change a lot when it comes to any situation, but I still feel safer knowing the flaw exists and having the capability of monitoring that flaw then not knowing whether or not a new flaw will be discovered tomorrow.... as that discovery may be on one of my machines.....
I'm sad to see MS play the runaround and not let any of it's software grow up, and even sadder to see NT leave the world... but 2k is reaching acceptable stability for me (so long as they dont drop it too) and eventually even XP and the new 2003 server will reach a good maturity.
Truth be told... the "which OS is better" argument is like preaching religion to a deaf agnostic.... pointless...
Even though i do not like Microsoft OS but live with no choice due to high market demand.In fact,how secure the OS is all depend on you on how you secure it.Like a Linux can also get rooted,not to even mention about Microsoft OS.I been using WinXP Pro for quite sometimes and i have learned the ways of securing it is to disable useless services such as plug and play,remote control features,disable tcp ip(provided you are not using it),etc.No matter how secure Win OS are still cannot compare to a secure Linux Box.
I think you'll need to add 3.1 to that list before I vote :P
Dang Fabs you beat me too it. I was gonna be more specific and say 3.12 (Windows for Workgroups) but you still got there first.
I am going to have to second the argument that dos 6.2.2 is the most secure. think about it no remote exploits (no network connection). No torjins (non multitasking enviroment) So littel ram that if something (a virus) was trying t orun TSR you knew about it right away. No local security, so you didn't rely on it for local protection you phisacly restricted access to the box (so no escalation of privlages). Hell if you connected t oanother computer via a modem it was useualy asyncronis comunication so they couldn't take any thing from you/send any thing at you with out your knowladge.
Now which MS system is the most usefull is another story, but dos was by far the most secure and stable.
windows 98, imo, is the most secure because there are no remote vulnerabilities for it besides a netbios vulnerability which is rare to be able to exploit remotely.
Any OS is secure as long as you don't connect it to the Internet.
But we can't do that,right ? In my opinion an OS's security depends mostly on the
user.I think WinXP Pro is the perfect M$ hybrid their is ( security from NT and user-friendly GUI from Win95,98,ME) but I also tried Linux which as they say is best.But the securest OS is the one which you know best.The only advantage I see in *nix OS's is that the source is outthere and as soon as a bug appears it's fixed,instead of wainting months for Microsoft to come up with a patch and that's after their telling us that their is notjing wrong with their OS.
cire, windows 98 has tonnes of remote exploits for it. It's practically impossible to run any microsoft-based services on it, and even if you did you`d blue screen anyway!
Windows 98 was a travesty, not much of a big step up from 95 either, infact I prefer 95.
95 runs slow ass piss relik, 98 is better, its more stable and can still run games and also you can actually upgrade it, almost nothing works for 95 anymore and 98 at least you can upgrade to XP.
also, for that poll, count my vote for the most stable Microsoft OS as XENIX.
Missing from the poll:
DOS
Windows < 95
Windows NT 3.1, 3.5
Windows CE
PocketPC or whatever it is called at the moment
Windows 2003 Server
If possible I would vote dos :)
you would vote DOS over XENIX??
I'd have to say Windows 95.... and before ya jump on me let me explain this..
You install 95, disable the cancel button at the login prompt, remove the floppy drive and the cd-rom, create one user with a rather large password, Remove any network cards and modems, weld the case shut, password protect the BIOS and boot. Now for the kicker, lock it in a safe deposit box at a bank....
I dont' think you could get more secure and since you used 95, it makes 95 the most secure OS.. however I suppose you could use another OS.. but I figured 95 was the most humourous to use.
not more than using Windows ME.
I want it to at least keep running..Quote:
lol, good point man.
I was going to come in with a deep and meaningful statement.. Now I am too busy laughing.. thanks HTRegz.. I dunno if it was your 95 post or the Me comment..
Cheers
"But, with a Microsoft platform, if they don't create the patch there won't be one and you can't have an OS on business-critical systems with known vulnerabilities for which there is no patch. "
This statement is not entirely true. One cannot do any source code editing, for sure. but this does not preclude someone with knowledge of c0de such as c and assembler from writing fix for problem. person as steve gibson, maybe example here. if one knows what virus or exploit does, one can fix problem without source of operating system. people write applications for os without source etc etc..also I cannot agree with death of NT statement or the fact that if NT's source is released it would compromise 2K as stated earlier in this thred. 2K and NT are written in 2 different Languages. This leads to major differences in OS. NT cannot be released because of NTFS, that I can say yes. But not because of other statement earlier.
Please correct my assumption if incorrect. While working on Oracle, a senior programmer tells me something i like to think holds true, the cars may differ, different vehicles get one from point of departure to point of destination. whether or not m$ or *nix, both have plusses and minusses
XP Pro secure my vote
It has to be DOS 3.3,
Just about when it got fully functional? but way before any skiddies were born? I have it running on an HP Vectra VS12..............a 286 with a 20 Mb HDD............and "Word for DOS 1.0"
:D
It is a well cool box, as the 5.25" floppy drive understands 1.2Mb disks?.........but the modem is a let down, as it only dials up at 14.4 :)
The guys who throw trash round here left it for me a few years back; the guy who wanted rid of it said it "wasn't year 2000 compliant"..........this thing must have cost around $3500 when it was new..........it became Y2K compliant when I replace the CMOS battery :rolleyes: it has a four digit clock.
When I get round to it I might put the 52Mb drive in it?
This kind of stuff has to be invulnerable, because so few of them are left..........there would not be the platform for anyone to write malware on.......anyways my Norton AV will protect me..........it will detect and eradicate 762 virii (seven hundred and sixty-two)
A little bit of history...I thought that it might amuse?
Cheers
hi all,
i dont have much experience in this field, but as far as my knowledge says, win 2k server is the secure one as it is really hard to crack...
rest u people know better... :)
Riya
My favourite is 2000 use XP @ home, the worse OS ever was Windows 95 it was so f**king stupid, on laptops for example it always tried to use IRQ channel 10 for 3com PCMICA cards even if this was in use. Then if you tried to manually change it, it just went nuts. I spend so much time to do a 5 minutes that ended up taken a whole afternoon. So I really hate 95 as much as I hate M$ Corpse.
BTW I never had a problem with ME it is my fav 4 playing games.
Well.. ME was my worst Experience........ my PC crached Dayly.........even after I got every patch...... but when I tryed 2000 :D no problems......... then i got XP it was the best...... of the pile............. the cream of the MS crop........ yep I prefer..... my p2 with red hat...........
I think it is more fun to use it ......... even if it is OLd....... it is good
i`ve used every version of windows from win3.1 to win2003. I`m split between NT4 and win2000. Even with the advances win2000 theirs still something that keeps drawing me back to NT4.
I think win 98/me are perfectly good at doing what they were aimed for. I don`t think its fair really to moan about them being insurcure because they were never designed with security in mind.
As for XP i cant stand that new graphical interface, thank god you can change it back to the classic interface. I`m sure its got a lot of improvments over 2000 but i`d rather wait till its been out longer before i trust it with anything.
Dos wasn't a windows OS.. and souleman 3.11 was windows for workgroups not 3.12
my vote would have to be Windows 1.01.. because it NEVER worked.. hehe
you can find that windows version 1.01 here for nostalgic purposes. :D
about 725k rar'd
edit : btw, there was a few others that many weren't aware of.
Windows 1.02
Windows 1.03
Windows 1.04
Windows 2.03
Windows 286
Windows 386
Windows 3a
if you talk about stability I think it would be xp... I ran a server on windows 95 for 3 months though (for fun). Like some people already mentioned and it's even in them hacking exposed books, windows 9x doesn't have any remote exploits out of the box because it just wasn't ment for networking. The only thing wich might be vulnerable is the netbios filesharing thing wich is turned off by default. Everything else that makes it vulnerable are mainly caused by running programms. You can crash windows 9x wich is running an irc client by sending a ctcp /con/con monstly, but that's a local flaw triggered by an "insecure" app. There comes in the admin knowledge and whoopah I just said eveyone else already said.
If you have little knowledge it's better to run windows 95 with a decent software firewall then to run 2k pro with alot of admin stuff and remote thingys. But like linux it's mostly not linux (the kernel), but the apps and deamons that make the system insecure. Besides that stability is very important for a server to... I give half me vote to windows 95 and the other half to xp.
nice a win95 server... :D
I'll go with 2000 for the simple reason MOST(I know ..I know not ALL) of the holes have been discovered.
XP gets my vote for the least secure of all the MS systems using NTFS....my reason? From the opposite view it hasn't been used long enough for all the bugs and holes to be discovered.
I will not comment on the security of 95,98 or Me....except they remind me of swiss cheese.
if u want a secure system....... just take it of the NET....