Unpatched Linux Lives 3 Months on Internet
Allnighterking writes "The Honeypot project Honeynet.org has released their study on the expected lifetime of an unpatched default Linux install. If some of you remember, AvanteGarde recently did a study of its own with several versions of Windows products and found that the average lifetime was about four minutes. Internet Week has an article on the study, and the PDF with the full details of the study is available on Honeynet.org. Needless to say, from my viewpoint this is a good reason to limit Windows installations in IT that any PHB and/or Smiling Man can understand. Have them put it into a spreadsheet and see what this kind of security means to their bottom line."
That value would depend on the distro and its age.
in the last 72 hours... Where are all these IIS servers that are being targeted? Apache outnumbers them 2 to 1. Wouldn't it make more sense to target Apache?
Why do they use unpatched boxes in these types of tests? It just doesn't make a good security test, IMO. Why don't they set up a Linux box and a Windows box, and patch them both? Set up automatic updates in Windows, and a cron job on Linux to download updates nightly. Maybe install a few server processes just for fun (mail, web, ftp, and file shares / samba services, for instance). Open the ports for those services, and block everything else with the vendor's firewall. I bet both boxes would stay un-hacked for years.