Domain: alldas.org
Stories and comments across the archive that link to alldas.org.
Comments · 8
-
Re:Doesn't this prove at secure systems are bad ?
Note that statistically,
0.31% of defaced sites were running OpenBSD, which greatly contrasts with netcraft's statistics that over 59% of indexed web sites use the Apache httpd server, and considering that Apache runs on the BSD's, Linux, commercial *nix's, Windows, MacOS ... even assuming an equal distribution, this means that the defaced sites are at least two orders of magnitude less than the total sites using OpenBSD (ok, that is a lot of assuming, but I couldn't find statistics of server OS distribution). -
Wouldn't Doub It
But the trend of Linux boxes that get 0wn3d comapred to the Windows boxes that get 0wn3d probably show a difrent story.
Check out Alldas.org ffor some numbers. -
well if you believe alldas.org
Windows has been successfully attacked over twice as often than Linux since 4/2000. Looking at today's list, 17 Win, 12 Linux, 15 other.
-
well if you believe alldas.org
Windows has been successfully attacked over twice as often than Linux since 4/2000. Looking at today's list, 17 Win, 12 Linux, 15 other.
-
Re:Doesn't this prove at secure systems are bad ?
-
Re:First OpenBSD honeypot
Well that doesn't mean you're secure.
It's worth remembering for some OpenBSD worshipping newbie zealots that every OS is as secure as the admin installing/maintaining the server.
Let me say that I know the seasoned OpenBSD users surely are not prone to that, but that is true for (nearly) any OS, and for all *nixes. -
Re:oxymoronic
Security? A comparison of 2001 CERT advisories shows that closed source software constituted 72%.
So what? That might mean that closed source software has wider deployment. It might mean that closed source software is scrutinized more closely. It might even mean that closed source software is used in more places where security matters.alldas.org defacement statistics per OS place Linux, an open source OS, at 22%, while Solaris, which is closed source, clocks in at 4%.
I also note that you failed to answer my question: if open source makes for secure software, then why do we need something like OpenBSD at all? Why are not all open source OS's as secure as OpenBSD?
The bottom line is that the distinction closed/open should make very little difference when evaluating the security aspect of any particular installation.
Stability? Netcraft shows that the web servers with the top 10 average [netcraft.com] and the top 19 maximum [netcraft.com] uptimes are Open Source.
Again, irrelevant. It might mean that open source people will go to great lengths to avoid rebooting their machines. It might even mean that open source software is conservative/stagnant. Unless the reboots actually hurt business there is no inherent advantage to long uptimes.They get great stability and security through honest desire and mass co-operation.
Great stability and security are achieved by paying a lot of attention to stability and security. The development method is strictly secondary.Linux, FreeBSD and OpenBSD has NEVER crashed on me in normal circumstances
What can I say. Try harder. For example take a look at how Linux MM will happily let a process run amok with a high probability of wrecking the box.Learning OpenBSD for someone who is knowledgable about network security is far from steep learning.
That might be true, but is hardly any consolation if OpenBSD does not do what you need it to do.Even in light of the recent vulnerability, Apache actually has a good security history. The last time it was mentioned in a CERT advisory was 1996. IIS has been mentioned 8 times since.
What about the 13 Apache vulnerabilities since 1999?Can you find a closed source hole that was fixed in hours?
Easy. Ping of death was fixed within 48 hours on Windows. I'll grant that the Linux fix got there faster. So what? -
Think Private
I wonder if Carnivore is an x86 only program? Somehow I doubt there would be a Mac version since it uses PPC, or at least, not a Mac os X version yet. Perhaps a Carbon version of Carnivore is coming down the pike though...
:)
Reasons to Think Private:
- Virus/Worms are primarily written for Windows
- Server Attacks are primarily on Windows
- Carnivore is X86 Wintel Exclusive?
Perhaps not the best new apple campaign...hrrmmm.