On Thu, 2002-11-28 at 12:08, David Ellis wrote: > At the risk of being terribly unpopular I thought I'd share my personal > experience. > > For 6 months I was running a Windows NT 4.0 based web, ftp and email server > (exchange 5.5) with the latest service packs (SP 6a+), and a weekly "Windows > Update". These machines for their lifetime were completely unhacked. My > email server wasn't an open relay, all was right with the world :). > > 4 months ago I switched to Redhat 7.2 - patched weekly with the Redhat > network. This infrastructure was hacked repeatedly, my email server was an > open relay, my ftp server was being brought down every other day, my web > server had the apache service brought down repeatedly, I was rebuilding my > boxes every three days. In short it was HELL. > > I switched to Debian Woody about three weeks ago, installing the bsd based > ftp server (not that leaky wu-ftpd), the latest apache, exim, and cyrus. So > far so good - no hacks, reject log shows the bounced relay requests, and the > web service has been solid (although a browse through the logs shows the > buffer and cgi attacks being tried). This raises one point I've found between NT/XP servers and Linux - it is easier to monitor (and configure that monitoring) logs on Linux than it is on M$-ware. All that said, the impact of security flaws on 9X systems versus those on NT/XP systems or Linux systems are usually more severe, unless the attacker is seeking to be more subtle in what is attacked. > > In short the article is almost right: > - Older Linux Distributions ARE vulnerable, the patches to fix > vulnerabilities on the older releases almost never work right (IMO), and > this is a problem. > - Older Windows Releases ARE vulnerable, but the patches to fix the > vulnerabilities DO work. > - Linux is maturing, and personally I like the choice and flexibility it > provides. Particularly with older equipment. > > Despite the almost troll like language and bias, the authors facts are > correct. It's his conclusion that is wrong. > > My off topic two cents. > > David > ----- Original Message ----- > From: "Mike Dresser" <mdresser_l@windsormachine.com> > To: "Walter Tautz" <wtautz@math.uwaterloo.ca> > Cc: "Debian User Mail List" <debian-user@lists.debian.org> > Sent: Thursday, November 28, 2002 11:39 AM > Subject: Re: [OT]: is this crap? -> wininformant headline "Most Insecure OS? > Yep, It's Linux" > > > > On Thu, 28 Nov 2002, Walter Tautz wrote: > > > > > > > > Thought you might be interested in the FUD being reported at > wininformant. > > > The link to the story is: > > > http://www.wininformant.com/Articles/Index.cfm?ArticleID=27428 > > > > Wonder how windows would do if I bundled > > > > monitor:~# apt-cache search "" | wc -l > > 8989 > > > > many programs with it. > > > > Granted, some of the problems the article states, a lot of people run that > > program, whether it be by choice or by distro default. > > > > Mike > > > > > > -- > > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org > > with a subject of "unsubscribe". Trouble? Contact > listmaster@lists.debian.org > > > > > > > > > -- > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > > -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: kahnt@hosehead.dyndns.org
Attachment:
signature.asc
Description: This is a digitally signed message part