zanfur at zanfur.com
Wed Jan 22 14:56:05 PST 2003
Linux boxes are the most commonly hacked systems, yes. It's the same as
usual -- a Windows system does a decent job if you don't know what you're
doing, and a Unix system does a better job if you *do* know what you're
doing and a horrible job if you don't. Unix is user-friendly, it's just a
lot more picky about who it considers a friend ;-)
His warning about keeping the system properly patched is a VERY good one.
Most definitely, follow that advice. Of course, it doens't matter what OS
is on the system, just keep it patched. Unfortunately, because Linux
doesn't suffer from security through obscurity (it is, after all, open
source), it's a lot easier for hackers to find exploits than it is for a
closed-source system. Before you place a linux box on the internet, make
sure you have closed down every service you don't explicitly need, put a
firewall in place (iptables is quite nice), and block everything *except*
what traffic you explicitly want to allow. It's probably a good idea to
sit down with a Unix security guru and let him walk you through securing
the machine before plugging in the ehternet cord.
To illustrate just how important this is, you need to realize that most
out-of-box linux default installs are vulnerable to being hacked, and that
the *entirety* of the internet is scanned every two days by script kiddes.
Of course, high-bandwidth and low-security-awareness systems are scanned
for vulnerabilities even more frequently, and 99.98% or so is done by the
Bad Guys(tm). School networks, DSL networks, and cable networks fall into
those categories, typically. So, you'll likely get hit with attacks at
least fifty times in the first hour of being online.
Summary: yes, linux systems are hacked a lot, probably the most. No, it's
not a flaw in the operating system, it's a flaw in the user (usually). The
trick: don't be a flawed user.
On Wed, Jan 22, 2003 at 02:39:06PM -0800, Avery Ke wrote:
> I was asking one of the tech support in Econ Dept about connnecting to
> our network. Part of his reply is pasted below.
> And I got to wondering, is it true that unix-based OS are most frequently
> hacked on campus? There seems to be a general assumption that linux is
> inherently less secure than Windows/Mac. Since the people who give me
> that impression are invariably Windows specialists, it's hard for me to
> tell myth from fact.
> > > That's fine, but it's extremely important that you make sure to keep it
> > > properly patched and secured while it's on our network. Unfortunately
> > > UNIX-based operating systems are the most commonly hacked systems on
> > > campus, so I'd like to make sure that any linux/unix system on our
> > > network is not going to be posing a threat. I believe that most linux
> > > distributions have some sort of auto-update feature to keep on top of
> > > patches as they are released.
90CF 2E8F 8A96 D0C0 09A2 9CFE C130 6CD4 6DC3 6DCF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 230 bytes
Desc: not available
Url : http://mailman1.u.washington.edu/pipermail/linux/attachments/20030122/f30c8a9f/attachment.bin
More information about the Linux