Slashdot Mirror

← Back to Stories (view on slashdot.org)

More Attacks on Linux than Windows

Posted by CmdrTaco on from the activate-the-shield-array dept.

the special sauce writes "This vnunet.com article discusses the trend of attacks this year as compared to last. Over all, according to mi2g, attacks are on the rise. However, though attacks on Linux systems are up, attacks on Windows based systems have actually dropped dramatically when compared to last year. If the trend continues, by the end of the year, attacks on Linux systems may surpass attacks on Windows systems."

3 of 411 comments (clear)

  1. Yea, and about CodeRed? by clump · · Score: 5, Informative

    Looking through my Snort and Apache logs, I see about 5-10 CodeRed attacks *daily*. This is something that was fixed over a year ago, and it still fills my logs. About that 'chunked' Apache vulnerability? Twice. I have seen it 2 whole times within the weeks its been out. Lets not forget about this CodeRed bug, because it surely is an attack (a full "root" attack) and I have *never* been attacked with anything else so often. I doubt any study that doesn't take this into account.

  2. not from our perspective by sloth+jr · · Score: 5, Informative
    We run hosted web services for customers that between two datacenters aggregate about 50 million web hits a month.

    Snort and logsurfer snippets from our firewall logs go off all the time. Though I would say that we have seen more attacks targeting linux services (we're a linux shop, btw) than we've seen in the past, the majority of our attacks do seem to be against windows-based services.

    From an overall security point-of-view, the last three to six months have not been great ones from a linux vulnerability point-of-view: zlib, BIND, ssh, apache, Tomcat (not that some of these problems haven't affected Windows boxen also). It's kept us hopping patching our servers. We've been lucky, so far - no successful intrusions (that we're aware of, of course!).

    In general, it seems much easier to social engineer one's way into a Windows network via email attachments than directly attack it.

  3. mi2g by doom · · Score: 5, Informative
    Evidentally, this story is a re-typing of the press release from "mi2g", so you might as well look at the original: Digital attacks on Open Source systems soar. It includes a bunch of pointers to pdfs of graphs of their data (none of which I can read because of some sort of "can't find colorspace cs8" error). But they don't appear to include any additional information, they're just graphs.

    The source of the data is supposed to be the "mi2g SIPS database", about which they say:

    The mi2g SIPS (Security Intelligence Products and Systems) database has information on over 6,000 hacker groups and maintains a record of over 60,000 individual hacking events since 1995. The SIPS intelligence citations include the 2002 Computer Security Institute (CSI) / Federal Bureau of Investigation (FBI) Computer Security Issues and Trends Survey [Vol. VIII, No. 1 - Spring 2002]

    (Do you need me to toss in some editorializing about how this is evidentally a company that specializes in publishing alarmist press releases to encourage people to buy their products? Oh, and take a look at key clients... yup, includes Microsoft).