AntiOnline: Maximum Security for a Connected World

It looks like Microsoft just can't catch a break when it comes to OS security. Worms, viruses, and exploits dog Windows just like the BSOD used to do in its less stable variants. More and more, Linux is looking like the OS for secure computing.

Not so fast...

A recent study came up with some startling conclusions. Linux machines, it turns out, are the victims of more successful attacks. The UK hacker tracker outfit, mi2g, found that Linux-based servers beat out Windows servers in letting outsiders in. How can this be?

After picking their jaws up off the floor and recovering from a brief bout of denial, AntiOnline members got to the business of dissecting this news.

As usual, they offer some worthwhile advice along with tips on securing your systems, whether they fly under the Linux banner or otherwise.


Linux Takes Brunt of Digital Attacks - eSecurity Planet
Linux remains the most attacked online server operating system, according to a new report.

Note: The opinions expressed below are solely those of the individual posters on the AntiOnline forums.

Direct link to this week's spotlight thread:

Linux Is #1 Hacker Target


tonybradley alerts the AntiOnline community to some interesting statistics. Surely, these numbers can't be right...

Similar to this thread posted in June: Linux: More Vulnerable Than Windows?, a recent report says that the Linux operating system(s) are successfully hacked more than any other.

mi2g has been tracking data since 1995. Their database contains information on over 280,000 attacks. Based on their data, Linux led the pack during the month of August with 67% of the successful attacks being against Linux servers.

Is this study missing something? MsMittens wants to know.

But isn't this a skewed report in that there are hundreds of variations of Linux and really only one Windows (so to speak in that only Microsoft makes Windows)?

tonybradley offers the following insight:

Yes and no. It might be more apples to apples to break down the Linux versions and state specifically WHICH incarnation of Linux is most vulnerable or how that rates against Microsoft.

However, wouldn't you then also need to break down Windows into its flavors? You would need to know specifically which versions of Windows – 98, Me, 2000, NT, XP, etc. – rather than lumping all of Microsoft together.

And, just like there are different Linux kernels and versions, you would further need to break it down and say that Windows 2000 Pro is vulnerable x% of the time, but Windows 2000 Pro SP2 is only vulnerable x% and Windows 2000 Pro SP4 is vulnerable even less than that or something. In other words, the service packs sort of parallel or represent the kernel updates and should be considered separately. My Windows 2000 Pro SP4 system is significantly more secure than the base Windows 2000 Pro.

Plus, in the article D.K. Matai of mi2g makes the statement that it has as much or more to do with vulnerable 3rd party applications (sendmail, pine, apache, etc) that run on Linux as it does with the actual Linux kernel or OS. So, those are fairly generic across Linux platforms.

I think that the bottom line is, was and always will be that no operating system or application is "secure by default". It comes down to the owner / administrator having the intelligence and initiative to understand the vulnerabilities and keep current with maintaining patches and securing their system / environment.

mohaughn observes...
The data that was gathered was using real life situations. How many Linux or Windows systems sit out on the Internet running just the base OS load? Not very many. Also given that most Linux variants are loaded with a standard distribution that in many cases includes the vulnerable software is the main point that the article is trying to raise. If a Windows system was successfully attacked via a vulnerability in Domino server, the attack would count against MS, not Novell. The report is meant to show the number of attacks occurring against real-world systems, running real-world software. It is not meant to be taken as an "MS is better than Linux"-type article.

The one thing that nobody has mentioned is the market share that MS has and the fact that even with an exponentially larger installed base of systems, MS still has fewer systems attacked via this method of reporting than Linux. I think this shows a major push that Linux was trying to use to gain market share that in reality is not true. Which is that the OS itself is not more secure. I know of several web admins that have switched to Linux because they thought they would be more secure systems to run. In a few of the cases the administrators did not have the skills that they needed to properly run a Linux server, so the end result is a less secure system.

It should also be noted that in most cases this is only telling you about web defacements. If somebody broke into a SQL server running on Win2k, it wouldn't make it into this set of stats as that is not something you can just email to a web defacement archive and be able to verify. So the article would be more properly named "Linux more popular target amongst script kiddies."

Read the rest of this thread here.

What is AntiOnline?

AntiOnline (AO) is home to many of the most popular network security discussion forums online. Here, participants engage in candid, thought-provoking and enlightening exchanges on security hazards and how to protect your systems against them.

We invite you to join the AO community (it's free!), share your wisdom and learn a few things in the process. Stay tuned as Enterprise IT Planet spotlights the eye-opening discussions and expert participants that have helped make AO the "go to" online resource for network security.