linux security

Scholz Matthew scholzmb at yahoo.com
Wed Jan 22 15:05:15 PST 2003 

also:

1) The default installation of most linux distros
enable by default LOTS of services, several of which
have known vulnerabilities.  I think it's still
possible to plug a default installed box onto the
internet, go have a snack, and by the time you've come
back, have a machine that was rooted by some little
script kiddie.  

2) Someone (a Windows Guy) once mentioned to me that
it's a lot easier to actually DO something with a
linux machine.  I personally think that that's a load
of crap, but, there it is.

3) in correlary to the point below, and point 1,
because the services (FTP, SSH, etc.) are so common
(name a linux/BSD/unix machine w/o SSH), once there's
an viable attack for it, it is likely that you'll be
able to get a good bang for your buck by exploiting
it.  

4) people don't patch their machines.  It's sad but
true.  If they don't do it with windows machines, I
have no idea why people think they will do it with
linux machines.  

5) People might be experimenting.  I'm sure if I had
put a machine on the network while I was still living
in the dorms, I wouldn't have been able, knowledgable,
or energetic enough to actually keep my machine
secure.


That's what I have to say about that.

--- Dejan Nikic <dejann at u.washington.edu> wrote:
> i think it's due to the fact that most servers are
> running unix and linux
> so people look for those "high" profile computers
> and if it's running
> linux or unix there is a big chance it's an
> important computer so people
> go ahead and attack it.
> 
> 
> 
> On Wed, 22 Jan 2003, Avery Ke wrote:
> 
> > I was asking one of the tech support in Econ Dept
> about connnecting to
> > our network. Part of his reply is pasted below.
> >
> > And I got to wondering, is it true that unix-based
> OS are most frequently
> > hacked on campus? There seems to be a  general
> assumption that linux is
> > inherently less secure than  Windows/Mac. Since
> the people who give me
> > that impression are invariably Windows
> specialists, it's hard for me to
> > tell myth from fact.
> >
> >
> > > > That's fine, but it's extremely important that
> you make sure to keep it
> > > > properly patched and secured while it's on our
> network. Unfortunately
> > > > UNIX-based operating systems are the most
> commonly hacked systems on
> > > > campus, so I'd like to make sure that any
> linux/unix system on our
> > > > network is not going to be posing a threat. I
> believe that most linux
> > > > distributions have some sort of auto-update
> feature to keep on top of
> > > > patches as they are released.
> > >
> >
> > Avery
> >
> >
> >
> 


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

More information about the Linux mailing list