Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 34

Thread: assault on linux by windows

  1. #11
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    I've been reading (forget where) that the best way to secure your OS, is NOT to install as default, but to go down the "Experienced Users" route, and install just what you need. As of yet, I wouldn't trust myself to do this, and am therefore stuck with the original package, bugs and all ? Must also confess that I have never seen a Linux box at work, and am a Windoze user 'by default'. My observations on this site, is that Linux has to be considered as a more 'complete' system, and it is a step I will probably take in the following 12 months. Ideally I would be able to build me a seperate box, and have me a room full of different boxes ? But the requirements of family will mean that a biger HDD, a quick read about partitioning, and my new system will await me ? which brings me to the next point. Where do you buy ANY OS apart from the M$ family ? as M$ is not just the only OS most people hear about, it appears to be the only OS, period.
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  2. #12
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Originally posted here by lpaulgib
    Linux unfortunatly forgot to include the fact that there are literally thousands more viruses written for Windows than the Linux operating system. So even though windows fixes holes faster, Linux has a sustancial less threat to attacks than windows.
    Windows fixes holes faster? I'm still waiting for a damned IE patch. And that was how long ago? I'v seen a Linux patch in 4 hours. Now yes, I know Microsoft has alot more people to deal with when releasing a patch, but come on, months?

    Catch: When are we goign to have our OpenBSd discussion?

  3. #13
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    there are literally thousands more viruses written for Windows than the Linux
    Care to quantify that? AFAIK, there are only a few original pieces of malware written for windows. What there are could be possibly hundreds of variations... but at the core are a relative handful.

    windows fixes holes faster
    Where did you come up with that theory?

    Microsoft seems to have taken the hint and is developing a promising update to Windows XP that will fix long-standing flaws in its firewall, network and browser settings, but don't expect to see it before next summer.
    Found here: http://msnbc.msn.com/Default.aspx?id=3831715&p1=0

    I'm not trying to bash windows...I'm quite happy with every version I've ever used, bugs and all. I took it upon myself, though, to learn how to secure my boxes...

    Where do you buy ANY OS apart from the M$ family ? as M$ is not just the only OS most people hear about, it appears to be the only OS, period.
    I bought a copy of RedHat 9publisher's edition) at a nearby Barnes and Noble, along with a 900 page manual for about $40. Once I got it installed and learned my way around a bit, I downloaded RedHat 9 and installed the "full version"

    There are many places on the internet where one can buy linux distros, if you are so inclined.. or you can download them for free..... Knoppix (there are others) offer a bootable Linux that you can play with..no need to install or partition anything.

  4. #14
    BY Wolv
    Windows secure (good joke)
    User error can be fatal

    Originally posted here by gore
    Now now. Windows CAN be made secure as hell. It's the exploits and buggy code that are hurting them. Windows NT remains as an OS that's old as hell, yet can be locked down like a virgin on a date with her Father as a driver.
    Yeah, Ive done the XP install so many times its not even funny
    I can lock a XP box down pretty damn quick with this custom .reg file that I made at www.BLKViper.com
    If anyone wants it, here its.

  5. #15
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    Linux having a larger number of bug fixes is a good thing. It means that the developers are actively trying to make Linux more secure everyday, unlike MS and their patches that are too little, too late.

    Linux is bound to have a large number of security holes, due in part to the server/network oriented nature of *NIX itself. But, unlike MS, the Linux holes will be properly fixed quickly.
    Real security doesn't come with an installer.

  6. #16
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Originally posted here by catch
    Default configurations are a dead horse that never had anything to offer in the first place, seriously, leave it alone and talk about something worth while. Does it really matter if a system by default has 0 full compromisable exploits or 1 or 3,000?

    Yes, for two reasons:
    1. It speaks volumes about the quality of the code underlying the out-of-the-box install.
    2. Joe Shmoe who sets up his home webserver is relying on the software to be secure. I'm still logging Code Red I & II hits on my firewall from other machines on the cable network I'm on.

    All that matters is if the system can be configured in a manner offering sufficient assurances as justified by your threats and asset values. All the rest of this is just comparing who reads bugtraq more closely.
    Perhaps that is all that matters to you, however, there are more people out there than just those who think similarly to you. To liken it to flogging a dead horse is rather silly, the horse is clearly not dead, look at even some of the latest Redhat releases or WinXP for that.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  7. #17
    Banned
    Join Date
    May 2003
    Posts
    1,004
    And still the discussion continues about installs and patches. Seriously, pick up a book an OS security theory, the lot of you... it'll make for more interesting conversations.

    "If car manufacturer A has a track record of X fatal crashes per year, and Manufacturer B has substantially less, it makes no sense to say that car A would be just as safe if the stupid driver would just go out and obtain and install his own air bag."

    This is deeply flawed in this context, especially since no one ever talks about the functionality! Just default crap and application level issues, which a good OS will defend against.

    A Ferrari is far more likely to put your average drive in the ditch than a kia will, does this mean that the Kia is the better handling car? With this data alone, it looks that way... so we need to discuss other things like the types of suspensions used, wheel base, lateral G's, tire width, etc, etc.

    If you want to talk about which system is more secure in the hands of an idiot (untrained driver), than yes. OpenBSD is king and NT is the worst OS ever. My parting question is, why do a bunch of security enthusists care what is best for idiots?

    catch

  8. #18
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    no one ever talks about the functionality!
    Unfortunately, functionality is a two_edged sword. The same feature that
    is designed to give you a wonderful "experience" on the web will allow websites to write
    new values to your registry, change your home page, install a porn dialer...

    If you have to disable half of these wonderful features, what good were they to begin with?
    What good is a ferrari that can go 200 mph, when the roads aren't safe at 55?

    There is a trade-off between functionality and security, but Microsoft doesn't like
    to dull the enthusiasm of newbie users, so they don't tell you that half the features
    they sold you are useless because they're insecure. Then it's your fault
    for not becoming an expert and locking down your system.

    Yes, we are security enthusiasts, but not everyone can live, eat, and breathe security.
    Security is a collective endeavor. If other people's machines are insecure, it affects
    all of us. The default configuration should be the tighter one. let users loosen
    it up if they want to incur more risk in their quest for more functionality.

    No, there's no money in that.
    I came in to the world with nothing. I still have most of it.

  9. #19
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Originally posted here by catch
    And still the discussion continues about installs and patches. Seriously, pick up a book an OS security theory, the lot of you... it'll make for more interesting conversations.
    [.. snippage of irrelevant useless examples..]
    If you want to talk about which system is more secure in the hands of an idiot (untrained driver), than yes. OpenBSD is king and NT is the worst OS ever. My parting question is, why do a bunch of security enthusists care what is best for idiots?
    Because whether you like it or not, idiots have machines that can potentially damage yours. It may not bother you if people are still sending out CRI&II attempts and so forth, but the fact of the matter is, anyone can hijack a CRII machine rather easily and create a DDoS net. When someone DDoSes you, tell me it isn't your problem or care. On the internet, you do not have only your systems to worry about, but also the systems of your neighbours, countrymen, and foreigners.

    The system we have in place is a far cry from mediocre, let alone perfect. Wherever you practice systems/network administration, I applaud your convictions, however in the real world internet-connected boxes are vulnerable to attack not only from a hacker, but also any boxes a hacker is able to root, making tracking back and so forth a LOT more difficult, if not impossible. You may not consider default installs an important thing, but any vendor who makes an effort is in my books better. Microsoft is making strides (Windows 2003 Server seems relateively secure, compared to Windows 2000 Pro/Server/etc), and there are several nix distributions doing similar things.

    The long and the short of it is, you asked a question and I don't care if you don't like the answer I gave you -- it is at least an honest one based on observation.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  10. #20
    Banned
    Join Date
    May 2003
    Posts
    1,004
    rcgreen, _SECURITY_ functionality, the subject here is security, not fancy web browsing stuff.

    Wherever you practice systems/network administration
    I am not an admin.
    Am I to understand that you are saying a system with lower security potential is better because it comes in a slightly harder state and this creates a minimally higher chance that you'll be able to track back a stupid attacker?

    I honestly hope you have better arguments than that. This whole bit about most other systems being insecure is a good thing, not a bad thing as several of you have tried to spin it. There is currently no way to defend against all types of DDoS attacks, so why make this a top concern? maybe something like access control granularity or perhaps seperation of power should be slightly bigger concerns, but no one ever wants to talk about such things and that should be the point. Not "How many systems of type X were compromised via vulnerabilities that should not exist in production servers and would have been removed if the basic security guidelines had been followed."

    Although I guess I am nearly alone in this viewpoint. I am tarting to remember why I'd been too busy to use this site for the last few months, which is shame.

    catch

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •