Re: Security followup
If your statement was in fact true, then we'd see a lot more rootkits for Linux systems, we'd see more script kiddies out there breaking through back doors--but we don't.
No we wouldn't. Windows systems outnumber Linux boxes almost 5 to 1. As such,
even if hacker efforts were completely equal across both platforms, Windows
would still see more attacks - because there are more of them.
I think the real thing to think about here is not the number of (primarily desktop) windows machines vs. the number of (primarily server) UNIX machines. The thing to think about is, that if all things were equal between the platforms, why aren't there more exploits performed on servers? Why waste time and effort on a Windows box behind a 144Kbps DSL pipe when you can take down a datacenter just as easily?
Granted, it's the extreme examples that have a lot of other variables, but it proves a point: all things are not equal. Not even between desktop installations of Linux and Windows.
It's not the number of attacks that I'm talking about. I'm talking about the ease of attack. I'm attalking about the number of ways that one can be attacked. I'm talking about the design of the OS itself.
Also, there are LOT of rootkits and hacker tools for Linux.
Agreed. How many more are available for Windows. That was the point.
Its the platform we use when we do security audits. In fact, I would estimate that hacker tools on Linux outnumber or at least match hacker tools on Windows. As such, I would estimate that it would actually be easier for a hacker to use a Linux box as a zombie client, since they know Linux better.
You are right, it would be easier for someone who knew how to use Linux, who used it as their primary platform to know how to use Linux. But that doesn't necessarily have much to do with someone being able to use these things. The security of the system does. A real hacker would write their own tools anyway, right? :-)
There are not "many" viruses that are platform independent. And the few that are, can do little if any damage to a Linux box compared to the damage they can do a Windows machine.
You have proof to back that up? You have independent testing conducted from a
reliable source to back up that claim?
The proof of the limited damage has been repeated ad nauseum in my posts thus far: UNIX permissions protect the system.
The proof of the limited number of cross platform viruses and the potential damage they can cause is here:
http://www.viruslist.com/eng/viruslistfind.asp?findWhere=011&findTxt=linux
Viruslist.com shows 25 viruses written for Linux. 25 viruses.
Of course, this number is only going to head upwards, but the fact is, UNIX permissions limit the damage that any virus or trojan can do. That's something that Windows doesn't provide.
Worms, trojans and other nasty things that run quite nicely on Red Hat or Mandrake Linux are usually running on machines that were poorly configured or just mismanaged. Even so, the damage done is more often annoying than debilitating.
You could say the same for ANY computer ever made. Which is my ultimate point -
how a machine is setup, used, and configured has a much greater impact on its
security capabilities than the core platform used.
Sure. At issue is not whether or not it's possible, but how easy it is.
I think you've done a great service to people who are stuck running Windows machines. The more secure they are, the better off we all are. I just don't think it's fair to assume that Linux can be heaped into the same category as Windows. There's many many things that make Linux a more attractive choice for people concerned about security. Antivirus scanners and "securing" a system are things to think about--but most people don't want to become security experts, along with everything else they've got to do. With Linux, they don't have to become a security expert. They don't need to be terrified of clicking the wrong link on the Internet. They don't need to worry about clicking on every attachment in the In-Box. With Linux, people can concentrate on getting things done rather than concentrate on keeping their system safe.
I realize that the open-source movement has a strong need to make people
believe that their technologies are better. This coupled with the obsessive
anti-Microsoft sentiment out there make for a lot of misleading and downright
inaccurate propaganda.
Sure, we call it FUD (Fear, Uncertainty, Doubt). It's a tool that Microsoft has been using against competitors for years. I don't think that in this case I've used FUD. There are different security concerns for Linux than there are for Windows. And the fact remains that there are many many less security issues for Linux than there are for Windows.
A little paranoia is okay, but you've got to know what is at risk.
The PERCEPTION among many people is that Linux is more secure. I emphasize that
this is a PERCEPTION not a fact. This perception can be altered when you start
to consider a lot of relevant information such as market penetration,
availability of programming APIs, and so forth.
It is not a perception. It is built into the operating system itself. Linux viruses can't do much simply because the system they run on is built to limit the activities of malicious users or malicious programs. It's an inherent part of the system.
As a security professional, my attitude is that all platforms are subject to
attack and ALL platforms have to be secured. Use of one platform over another
merely changes the issues, but it doesn't change the core fact that any
platform is subject to intrusion.
Paranoia on your part is a good thing. That's what you're paid for.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A new book on Single Sourcing has been released by William Andrew
Publishing: _Single Sourcing: Building Modular Documentation_
is now available at: http://www.williamandrew.com/titles/1491.html.
Help Authoring Seminar 2003, coming soon to a city near you! Attend this
educational and affordable one-day seminar covering existing and emerging
trends in Help authoring technology. See http://www.ehelp.com/techwr-l2.
---
You are currently subscribed to techwr-l as:
archive -at- raycomm -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- raycomm -dot- com
Send administrative questions to ejray -at- raycomm -dot- com -dot- Visit
http://www.raycomm.com/techwhirl/ for more resources and info.
References:
Re: Security followup: From: Andrew Plato
Previous by Author:
Re: Security followup
Next by Author:
Re: Security followup
Previous by Thread:
Re: Security followup
Next by Thread:
Re: Security followup
Search our Technical Writing Archives & Magazine
Visit TechWhirl's Other Sites
Sponsored Ads