Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Your OS Tough Enough?

Posted by timothy on from the mepis-seems-to-do-alright dept.

LE UI Guy writes "A Denver Post article examines the Internet 'horrors' Windows, Mac and Linux users face simply being connected to the Internet with only an out-of-box configuration. Over the course of a single week the machines were scanned 46,255 times. The test didn't look into additional security threats caused by surfing the web or reading e-mail, just the connection itself."

9 of 597 comments (clear)

  1. Conclusion summary: by rasafras · · Score: 4, Interesting

    Unpatched Windows: Bad.
    Patched Windows, Mac, Linux: Good.

    Point? We already hear how much worse security Windows has multiple times a day. This doesn't even say it outright...
    The real thing I gained from the article is the fact that there are still an immense number of infected computers out there, and this brings me to the question: where? How many people could there possibly be out there whose computers are being run by various exploits? We already know that they're all thanks to people that suck at patching their machines, and I find that to be a much larger problem than the security of a fully patched OS.

    --
    webpage
  2. Re:Now open sendmail and config it. by innosent · · Score: 4, Interesting

    Agreed, for instance, the default configs with FreeBSD 5.x are so secure, you can't even send mail from your own system. You can send between users, but that's it, no relays, no outbound of any kind. Of course, it would be nice if people who only need one element of sendmail (sending mail, not receiving it) would realize that a full-featured mailer daemon is overkill, and an invitation for problems. If all you need is something that can send alerts (like from your non-mail servers), use something like sSMTP, a sendmail workalike that can only send mail through your real mail server (even outside accounts, it can handle servers that require authentication). Don't blame sendmail for giving you a headache on 50 systems, when you should never have turned it on in the first place.

    --
    --That's the point of being root, you can do anything you want, even if it's stupid.
  3. Re:idiot... by rpbailey1642 · · Score: 5, Interesting
    Wow, that was an angry response. Yes, I did read the article before I posted, that's how I knew they did upgrades on Win XP SP2 and none of the other systems. The article explictly stated that the Win XP SP1 system was exploited by Blaster and Sasser in under 18 minutes, which is good enough to call them "hacked". There are three faults with the second part of your argument stating that if they haven't upgraded to SP2 they deserved to be hacked. In the first, there are those who can not upgrade due to programs (custom jobs, programs no longer supported by their manufacturers) that will no longer work with SP2. In the second, there are those who turned off (or had a "helpful" tech turn off) their automatic updates and have no idea how to update their system. Yes, they should know their computers better, but that's a debate for another time and it's one that we've rehashed time and time again. In the third, they only updated Win XP SP2. Had they done all the upgrades on all the systems, I have a feeling the Win system would still not have fared as well as the UNIX-based systems. Remember, there *HAVE* been exploits for XP SP2 in the wild already. Granted, XP SP2 is a step in the right direction, but it is nowhere near perfect. Viruses, spyware, etc are still a problem.

    You are anonymous, and most likely you are attempting to troll. I probably should not have bitten but what can I say, it gave me the chance to rant a bit.

  4. Re:idiot... by rpbailey1642 · · Score: 4, Interesting

    Story about the firewall not blocking Windows shares. I think Slashdot carried this story a long time ago as well. Do not get me wrong, the firewall and steps in SP2 are a nice step, but they simply are not enough at this point. Unless the user is actively involved, no default Windows setup will be enough.

  5. Re:Of course by MoriaOrc · · Score: 5, Interesting

    Except, as the article says, WinXP SP1 is still quite common. Hell, I still use Win2k SP4. I wish they'd run the test with that.

  6. Whats an attack? by Anonymous Coward · · Score: 5, Interesting

    The article makes great mention of "attacks" but fails to mention what an "attack" actually consists of.

    For example: they say Windows XP SP2 got attacked 16 times.

    Does that mean it got port scanned 16 times? It can't as i'm sure it got port scanned many more times than that.
    or
    Does that mean it got infected 16 times? It can't because they said it survived all attacks.

    So what on earth were these attacks?

  7. Re:Lame article. by louarnkoz · · Score: 4, Interesting
    There is something bizarre in the way the article counts "attacks". In theory, the number of attacks should be almost the same for each computer in the honeypot, because most viruses don't know what they are attacking.

    The blaster and sasser worms, for example, make no attempt at reconnaissance. They simply blast TCP connections to IP addresses chosen at random. In theory, they have exactly as many chances of attacking the XP/SP1 box as the XP/SP2 box, or for that matter any the Mac or any of the Linux boxes. The attack is much more likely to be successful of tne SP1 box, but that does not mean the other computers were not attacked.

    So, what did they actually count? What do those numbers mean?

  8. I do it by Phil+Urich · · Score: 4, Interesting

    I have no firewall, or router. I'm running XP SP1. And I've never had a single problem (my virus scanner hasn't even had to do any work . . . and I have open shares, including an upload folder!).

    By conventional logic, my box should be dead by now. Especially since I keep it on nearly 24/7, connected up to teh intarweb. Go ahead and say I'm just lucky, but I think that if you just have a computer reasonably configured, the over-the-top security that most people think is necessary . . . well, it isn't. I do update with security patches often, and that's about as far along as I go with conventional means of protection.

    So what's the secret, then? I don't entirely know, I think it must be alot of little things combining. Partially, I think things aren't quite as horribly insecure as people think; just that when they are, and they often are by default, things go so horribly wrong that it colours one's perspective on the issue. The other thing is, I don't use any Microsoft products other than Windows itself, really. Third-party chat, Eudora for e-mail, Firefox and Opera for browsing, WordPerfect and OpenOffice for all the office-style needs, etc etc. True, that isn't at all what the original article is talking about, but I'm hardly the first to deviate from topic here.

    --
    I remember sigs. Oh, a simpler time!
  9. Re:PLEASE MOD PARENT UP! by FireFury03 · · Score: 4, Interesting

    If normal users understood that direct connections to the net were bad, they'd all buy routers, they'd consider firewalls, probably ones configured to block all but MSN, E-mail and web access, and we'd live in a considerably more worm free world.

    I think you are giving many users far too much credit. 90% of the cases where I have to deal with customers who have misconfigured their mail server as a spam relay, I get a response similar to "Yeah, I know that's really insecure and lets spammers use it, but it was [easier to set up]/[only going to be like that for a few weeks]/[not as if I was telling the spammers the open relay was there]" (delete as appropriate).

    The point is that these people *knew* that what they were doing was really stupid, but were doing it anyway because they couldn't be bothered to be secure. Of course it always comes back to bite them in the ass when their server falls over with several million spams in the mail relay queue and a completely saturated ADSL connection.

    --
    http://blog.nexusuk.org