[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT]: is this crap? -> wininformant headline "Most InsecureOS? Yep, It's Linux"

I never said I was a knowledgable Unix Sysadmin.........but the windows
patches were definitely more user friendly.

The point of the message stands.

- David
----- Original Message -----
From: "Ron Johnson" <ron.l.johnson@cox.net>
To: "Debian User Mail List" <debian-user@lists.debian.org>
Sent: Thursday, November 28, 2002 1:40 PM
Subject: Re: [OT]: is this crap? -> wininformant headline "Most InsecureOS?
Yep, It's Linux"


> On Thu, 2002-11-28 at 11:08, David Ellis wrote:
> > At the risk of being terribly unpopular I thought I'd share my personal
> > experience.
> >
> > For 6 months I was running a Windows NT 4.0 based web, ftp and email
server
> > (exchange 5.5) with the latest service packs (SP 6a+), and a weekly
"Windows
> > Update". These machines for their lifetime were completely unhacked. My
> > email server wasn't an open relay, all was right with the world :).
> >
> > 4 months ago I switched to Redhat 7.2 - patched weekly with the Redhat
> > network. This infrastructure was hacked repeatedly, my email server was
an
> > open relay, my ftp server was being brought down every other day, my web
> > server had the apache service brought down repeatedly, I was rebuilding
my
> > boxes every three days. In short it was HELL.
> >
> > I switched to Debian Woody about three weeks ago, installing the bsd
based
> > ftp server (not that leaky wu-ftpd), the latest apache, exim, and cyrus.
So
> > far so good - no hacks, reject log shows the bounced relay requests, and
the
> > web service has been solid (although a browse through the logs shows the
> > buffer and cgi attacks being tried).
> >
> > In short the article is almost right:
> > - Older Linux Distributions ARE vulnerable, the patches to fix
> > vulnerabilities on the older releases almost never work right (IMO), and
> > this is a problem.
>
> I'd say, rather, that RPM doesn't have a "configure" mechanism like
> dpkg/deb does, and that the RH72 /etc config-file *defaults* suck.
> A knowledgeable Unix SysAdmin *can* make RH72 very secure.
>
> > - Older Windows Releases ARE vulnerable, but the patches to fix the
> > vulnerabilities DO work.
> > - Linux is maturing, and personally I like the choice and flexibility it
> > provides. Particularly with older equipment.
> >
> > Despite the almost troll like language and bias, the authors facts are
> > correct. It's his conclusion that is wrong.
> >
> > My off topic two cents.
> [snip]
>
> --
> +------------------------------------------------------------+
> | Ron Johnson, Jr.     mailto:ron.l.johnson@cox.net          |
> | Jefferson, LA  USA   http://members.cox.net/ron.l.johnson  |
> |                                                            |
> | "they love our milk and honey, but preach about another    |
> |  way of living"                                            |
> |    Merle Haggard, "The Fighting Side Of Me"                |
> +------------------------------------------------------------+
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>
>
Reply to: