Slashdot Mirror


Linux Most Attacked Server?

Anonymous guy who can't remember his login sent in a story from the Globe And Mail that says "During August, 67 per cent of all successful and verifiable digital attacks against on-line servers targeted Linux, followed by Microsoft Windows at 23.2 per cent. A total of 12,892 Linux on-line servers running e-business and information sites were successfully breached in that month, followed by 4,626 Windows servers."

20 of 815 comments

  1. Canadian Newspaper != The BBC by LostCluster · · Score: 4, Informative

    Okay... do the editors read the links anymore?

    This clearly came from Canada's Globe and Mail newspaper, which clearly has nothing in common with the British Broadcasting Company.

  2. Corresponds with Netcraft by clustersnarf · · Score: 4, Informative

    These figures correspond almost directly to Netcraft. Seems to me, more Linux/Apache boxes out on the net means more targets. IIS holds about 24% and Apache is about 64%. DUH. It's not hard to see that there will be more attacks if there are more machines. I bet they didn't factor how many OS/2 boxes got attacked.

    Statistics are dumb.

  3. Re:Active or passive attacks? by LostCluster · · Score: 5, Informative

    Numbers without a counting methodology are usually worthless. We've got a small article that doesn't even name what "british security company" released the data, and a summary that somehow gets the BBC involved even though they're nowhere to be found in the story.

    Uhm... slow /. day?

  4. Re:Yeah... by notsewmit · · Score: 5, Informative

    Exactly.... the report would have been better if they had broken it down like this:

    OS | % of Total Hacks | % of Servers running OS Hacked

  5. Re:Staying uptodate costs money... by Kevinv · · Score: 5, Informative

    Both Debian and Gentoo (and Red Hat) have security mailing lists that list packages/ebuilds that have been updated for security reasons. I know Debian & Red Hat's are cross-posted with Bugtraq, not sure about Gentoo's.

    Finding updated packages isn't a big deal. Harder is finding what software has an announced vulnerability that hasn't been patched by its respective distribution yet. Red Hat uptodate has the same problem, if Red Hat hasn't patched the vulnerability yet you won't know about it.

    Of course in the Open Source world the updates come pretty quick after the announcement anyway, but if there were some software app that had a real old version with no maintainer as the default it could present a problem.

  6. mi2g by FrostedWheat · · Score: 5, Informative

    Brought to us by our friends at mi2g. I'd take this with a grain of salt.

  7. Re:Staying uptodate costs money... by jimfrost · · Score: 3, Informative
    Although I don't like Microsoft's software and it's a real pain having to get all the latest patches, they do at least tell us when they've got a patch.

    I don't know about Linux vendors in general, but Red Hat has offered such a notification service for years. You don't even have to pay them for it, just sign up for their security mailing list. I've been getting such notifications for a long time; I probably get a dozen a week.

    --
    jim frost
    jimf@frostbytes.com
  8. Re:Staying uptodate costs money... by lordcorusa · · Score: 4, Informative

    If the only reason you pay for Red Hat Network is to get automatic updates, I strongly suggest you look at apt-get for rpm. It provides the exact same updates as up2date, only they are free. If you don't trust them you can check the digital sigs on the packages; they come unaltered from Red Hat. Optionally, it can also provide additional packages not found on the Red Hat distribution.

    Apt-get doesn't explicitly notify you when updates come in, however it is trivial to write a script to automate the process of checking for updates. For the super-lazy, you can even continue to use the free version of Red Hat's up2date notification icon to alert you when updates come in, and then use apt-get to actually fetch them.

    Of course, there are probably other reasons you pay for RHN, such as technical support, a desire to give back to Red Hat, etc...

    Just thought I'd make sure you know about an excellent free alternative.

    --
    The preceding comments reflect the author's personal opinion and are public domain, unless explicitly stated otherwise.
  9. Re:Staying uptodate costs money... by trickycamel · · Score: 4, Informative

    It's ironic that Microsoft provides that service for free, whereas Linux requires paying money.
    No it doesn't. Tried Debian security advisories?
    --
    Sig? What sig?
  10. Re:Staying uptodate costs money... by Mikey-San · · Score: 3, Informative

    Actually, MS doesn't want people talking about security holes they find in MS software:

    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/essays/noarch.asp

    http://www.pcworld.com/news/article/0,aid,63784,00.asp

    As Steve Jobs once said, "Every security scheme that is based on secrets eventually fails."

    --
    Mikey-San
    Karma: +Eleventy billion (mostly affected by watching Celebrity Jeopardy)
  11. mi2g Intelligence Unit by taybin · · Score: 3, Informative

    Any information that comes out of mi2g is suspect. They have been heavily criticized by Rob Rosenberger of Vmyths, a computer security hysteria site.

  12. Re:Active or passive attacks? by squiggleslash · · Score: 3, Informative
    Ah, mi2g, one of the most reputable security consultants in the world...

    You know, I did initially believe this story, despite the fact my DSL web server (thanks Earthlink for not joining the draconian-ToS mob) still logs several NIMDA and whatever-that-other-one-that-looks-the-same-is-called attacks every single day. The fact that Linux now has such a high market share, and the poor reputation of some of the larger Linux distribution vendors for security, coupled with the obsessive "Must...run...latest...version" attitude of many users I've noticed, made it look genuine.

    Given who wrote it, I don't believe a word of it. I'm not saying it's impossible for it to be true, but I will say that if it is, mi2g have simply accidentally blurted out the right information, not that there's any reason for them to have done so.

    --
    You are not alone. This is not normal. None of this is normal.
  13. mi2g - computer security hysteria specialists by tagishsimon · · Score: 5, Informative
    mi2g - authors of the report being discussed, are the single most dissed security company I know of. They're derided by such a long list of organisations, that one might wonder if there's any point giving their work houseroom. They certainly appear to be PR whores, and, bless 'em, good at this part of their job.

    Vmyths appears to summarise the anti-mi2g camp's position. Searches for mi2g on NTK and The Register (when its search engine is working) are as enlightening as they are amusing.

  14. This is from mi2g by Population · · Score: 3, Informative

    http://www.theregister.co.uk/content/55/28233.html

    They suck.

  15. Um, check your facts sport... by jonfromspace · · Score: 3, Informative

    Netcraft September 2003 survey says otherwise...

    --
    I am become Troll, destroyer of threads
    1. Re:Um, check your facts sport... by wasabii · · Score: 3, Informative

      Incorrect. This is on Professional editions of Windows, 2k included. You can have 10 simultaneous connections from external hosts at one time. This includes IIS and Windows shares and Apache. The license for Server edition does not have this clause. There is no IIS restriction.

  16. Re:Hmm... by SillySlashdotName · · Score: 5, Informative

    Not the BBC, from Globe News - No I hadn't ever heard of them either.

    From a press release from the people at mi2g - google for it, interesting information in the SECOND entry...

    Not funded by MS, this is a security consulting group of dubious integrity.

    Some of my favorite quotes in reference to their press releases -

    "Mathematical Masturbation" Richard Forno (InfoWarrior.org).

    "Winn Schwartau, author of Pearl Harbor Dot Com, noted that mi2g seems to be relying solely on hacks that have been publicly documented".

    "Their statistics are basically worthless." Marquis Grove, editor of the Security News Portal.

    "mi2g continue to drum up PR about an "Inter-fada," or holy cyber-war, that rages between Palestine & Israel."

    and

    "Fearmongers" Rob Rosenberger, Vmyths editor.

    Read more at Vmyths.com

    --
    Acts of massive stupidity are almost never covered by warranty. --me.
  17. Globe and Mail by Stephen+Samuel · · Score: 4, Informative
    The Globe and Mail is one of Canada's two national newspapers. Its national competition is The National Post.

    The Globe and Mail is the older and generally more respected newspaper. The National Post is a recent upstart. It is generally considered much more right-wing and a bit downscale.

    --
    Free Software: Like love, it grows best when given away.
  18. Re:Help me with the math here by Anonymous Coward · · Score: 4, Informative

    These results btw really are not statistically significant. The percentage of servers to proportions of attacks are essentially equal. Nothing but FUD for non stochastic minded people.

  19. Re:No Challenge to Breaching Windows Security by Homology · · Score: 3, Informative
    Anybody can get into Windows, but it takes a real hacker to get into Linux.

    In the book Repelling the Wily Hacker there is an amusing story about a Unix box getting rooted, and the script kiddie starts typing DOS commands.

    Just to give an example that it does not take a real hacker to get into a Linux box as such. Other factors are also quite important.