Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Your OS Tough Enough?

Posted by timothy on from the mepis-seems-to-do-alright dept.

LE UI Guy writes "A Denver Post article examines the Internet 'horrors' Windows, Mac and Linux users face simply being connected to the Internet with only an out-of-box configuration. Over the course of a single week the machines were scanned 46,255 times. The test didn't look into additional security threats caused by surfing the web or reading e-mail, just the connection itself."

18 of 597 comments (clear)

  1. Of course by jdwest · · Score: 5, Funny

    If you build it, they will come.

    --

    Lorem ipsum dolor sit amet ...
    1. Re:Of course by MoriaOrc · · Score: 5, Interesting

      Except, as the article says, WinXP SP1 is still quite common. Hell, I still use Win2k SP4. I wish they'd run the test with that.

  2. Not News by swillden · · Score: 5, Funny

    This news isn't news. What's news is this news is in the news!

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    1. Re:Not News by KevMar · · Score: 5, Insightful

      Exactly, This does not tell us anything we did not know before. How many honeypot papers have told us this already.

      It is sad that the internet has become so hostile. At work I connected one of our servers to a connection on the outside of our firewall for some remote support (didn't have the VPN papers signed yet). The moment that I enabled the nic, the server informed me that the RPC Service has failed and the computer will shut down.

      I was foolish for not checking the patch levels. I assumed that someone else was on top of that. A mistake I will not make again. But home users have problems of their own. They don't know they have to keep it up patched. If I had my grandma running Linux, I would be the one patching it. What about converting all my friends and family to Linux. I would be so overwhelmed keeping each one current.

      As it stands, I format, install XP /w SP2, change their user accounts to limited access, install spyware detection, antivirus, leave the firewall and automatic updates on, and finally put firefox on the desktop.

      At the same time, I have to explain why XP is better than the 98 or ME that came with the computer, what SP2 is and why it takes so long, what a firewall is, what firefox is, why I created a special admin account for them to install stuff with and why the should never surf the web while logged into admin with the red background.

      And if you are a slashdot regular, I am not telling you anything new. I should release this as a news story, but as we all know, this is not news. Its just the way it is.

      --
      Kevin Marquette
      antispyware

      --
      Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
  3. Even modern linux distros need to be sanitized by Ars-Fartsica · · Score: 5, Insightful

    Look at all of the software and services running on a modern linux distro - FC3 for example. I have spent a great deal of time shutting off everything I really don't need and erasing piles of useless rpms installed by the distro (its 2005 - I don't need talk). Any software you don't use or services you do not need are just potential security holes.

    1. Re:Even modern linux distros need to be sanitized by LnxAddct · · Score: 5, Informative

      FC has no services running by default that connect to the internet unless you specify otherwise. Also you have complete control over every program installed at installation time. Regardless, an entire FC3 install with all the thousands of applications takes up approx 4 gigs, thats really not much for what your getting. A server install is something like 800 mb, and thats before you cut off the fat. I always do a full install because its nice to just have everything you need, a program sitting on my harddrive isn't doing anyone any harm.

      FC3's firewall is also set up very well and has been noted to have one of the best default setups out of many of the linux distros. Some of the other protections included in FC3 are SElinux which has policies for all major services and exec-shield is also extensively used. All major services connecting out are compiled with switches that randomize the memory allocation, which may have the negative side affect of taking a little longer to start because it can't prelink, but it really helps against many attacks because every machine has its memory mapped in different locations. The amount of security that Red Hat puts into FC3 while still leaving it so functional is pretty amazing. Most of the vulnerabilities found usually can't do much harm after you consider the layers of security and the other standard security measures, i.e. users and setting up perms correctly. Its nice to know though that the latest outbreak of [insert worm here] *probably* won't affect you.
      Regards,
      Steve

  4. Lame article. by Seumas · · Score: 5, Insightful

    Just because people can knock on every door doesn't mean that every door is as insecure as the next. You can knock on every door in a neighborhood, but some will be better constructed and have more secure locks. Still, none prevent one from knocking.

    If they're only tracking ping/scan attempts, there is no reason to even include mac/linux in this.

  5. Security by BWJones · · Score: 5, Informative

    These results mirror what I typically see on my workstation. I run a couple of websites on my workstation including our laboratory website, and my blog. Logs are monitored constantly with a nice tool called mkconsole that displays the logs transparently on my desktop. Several times a week, there is an attack. Most however are either scripted or fairly primitive, although last week there was a sophisticated attack that that bounced through a compromised Windows machine on campus. We tracked it back to an AOL user on the East coast and reported his IP address to the sysadmins. They sent an email back to me letting me know that they would follow it up. I've not heard anything else since, but in addition to using a more secure OS, one should also maintain a vigilance of your systems to help keep things under control and if you do use Windows, PLEASE keep it patched with recent security releases.

    The truth is that if somebody really does want to get into your system, it can happen. In addition to using a secure OS and keeping the security updates current, securing physical access is your next line of defense.

    --
    Visit Jonesblog and say hello.
  6. Re:Yet again... by Anonymous Coward · · Score: 5, Funny
    I wonder how MS can sleep at night

    Obligatory: On piles and piles of money. :-)

  7. -1 Off topic by Mudcathi · · Score: 5, Funny
    Over the course of a single week the machines were scanned 46,255 times.

    I got stuck in the self-checkout line at Walmart once, behind a lady who had this same problem.

    /sucked!

    --

    "He who throws mud, loses ground." - proverb

  8. Don't bother reading the article by cecom · · Score: 5, Funny

    TFA tells us that Windows XP SP2 is more secure than Windows XP SP1 (unbelievable!!) and that there are fewer attackers targeting Linux and MacOS than Windows (hmmm - I wonder why ?).

    Very thought provoking and innovative information indeed.

  9. Virus Scan by null+etc. · · Score: 5, Funny
    SP 1 was attacked 4,857 times. It was infested within 18 minutes by the Blaster and Sasser worms. Within an hour it became a "bot," or a machine controlled by a remote computer, and began attacking other Windows computers.

    From what I remember in Tron, this visually looks very cool. Digital warriors fighting on a neon grid, etc.

    I'm pretty stumped, though. I tried to get my box pwned eight times, just to see the digital battle. I thought at the least Norton Antivirus would sent a digital probe destroyer bot out to eradicate the trojans. But all that happened was my computer got really slow, and pop-ups kept showing up, advertising herbal virility pills for men.

    Come to think of it, Hollywood movies never seem to match up with what my computer does. That's it, I'm going to stop believing them movies and start reading Wikipedia instead.

  10. SP1 Earns a pass? by salemlb · · Score: 5, Insightful

    According the article, no one was all that surprised Win XP SP 1 went down in 18 minutes. After all, it is not up to date... it is essentially an old OS, right? So this is expected, right? Old OSs should be broken into, right? And then we have OS X 10.2, aka, Jaguar. No successful attacks. Older OS, check. Not up to date with all the latest security features that are in Panther, check. And not one successful attack. One company makes on OS that still stands after two and a half years... one company makes an OS that only stands after a major major major patch and constant updates that sometimes break software. Now, which company's OS would I choose to build a secure network? Sure, it's a flawed argument, but still I think worth noting.

  11. *nix will be a major target of worms in the future by Kip+Winger · · Score: 5, Funny
    Despite Linux being hardened, its basis still is Unix -- which, from the beginning, was coded with such grevious insecurities, such as using a blank gets() at the beginning of crucial protocols. Worms ripped apart Unix in the 80s, and despite what has been hardened since, the methodologies which ripped Unix apart in the 80s mostly are still being used in Windows development.

    Microsoft might have something with Windows Longhorn, since the entire API outside of the kernel will be written in C# completely sandboxed in a CLR, much like Java.

    Combined with a monolithic auto-update system, Microsoft has no intentions of repeating the problems of Windows 2000/XP when they release Longhorn, much like they had no intention of repeating the problems of stability they had with Windows 95/98/ME when they designed Windows 2000/XP. For as much as they do, they mostly won with stability in 2000/XP, and they could win again, despite their market share, by sacrificing RAM (480MB commit charge, 1GB recommended) and processing power by implementing the .NET framework for their entire API.

    I honestly hope open source has something to compete for their future desktop environments, or else desktop Linux could be relegated to processors too slow to deal with the overhead.

    --
    - - - - - Fear not the reaper, but my shiny white teeth.
  12. Re:idiot... by rpbailey1642 · · Score: 5, Interesting
    Wow, that was an angry response. Yes, I did read the article before I posted, that's how I knew they did upgrades on Win XP SP2 and none of the other systems. The article explictly stated that the Win XP SP1 system was exploited by Blaster and Sasser in under 18 minutes, which is good enough to call them "hacked". There are three faults with the second part of your argument stating that if they haven't upgraded to SP2 they deserved to be hacked. In the first, there are those who can not upgrade due to programs (custom jobs, programs no longer supported by their manufacturers) that will no longer work with SP2. In the second, there are those who turned off (or had a "helpful" tech turn off) their automatic updates and have no idea how to update their system. Yes, they should know their computers better, but that's a debate for another time and it's one that we've rehashed time and time again. In the third, they only updated Win XP SP2. Had they done all the upgrades on all the systems, I have a feeling the Win system would still not have fared as well as the UNIX-based systems. Remember, there *HAVE* been exploits for XP SP2 in the wild already. Granted, XP SP2 is a step in the right direction, but it is nowhere near perfect. Viruses, spyware, etc are still a problem.

    You are anonymous, and most likely you are attempting to troll. I probably should not have bitten but what can I say, it gave me the chance to rant a bit.

  13. Whats an attack? by Anonymous Coward · · Score: 5, Interesting

    The article makes great mention of "attacks" but fails to mention what an "attack" actually consists of.

    For example: they say Windows XP SP2 got attacked 16 times.

    Does that mean it got port scanned 16 times? It can't as i'm sure it got port scanned many more times than that.
    or
    Does that mean it got infected 16 times? It can't because they said it survived all attacks.

    So what on earth were these attacks?

  14. Sometimes you have no choice by Marran+Gray · · Score: 5, Insightful

    While I agree that it might have been instructive to include, say, RedHat 7 in the lineup, security of original XP is still an important consideration. First, to hear MS at the time, XP-SP1 should have been more solid then and should be more solid now. But far more importantly, we see how vital it is to fully patch your XP system before connecting it to the internet. And where do I get those patches from? Oops...

    The catch-22 is that time-to-infection is much shorter than time-to-patch for Windows XP, even with a contemporary internet connection. If you don't have SP2 media, and don't have some other means of (manually) acquiring the latest patches, you're dead in the water. Yes, there are workarounds; you can install some ice of your own before you connect, for that matter, but that obviates all the really neat security features of SP2 with a 3rd-party solution. "Not the solution he had in mind..."

    Admittedly, part of this is due to the fact that Windows is "productized", i.e. you have a box containing Windows and you can add patches. With Linux operating systems I think there's a lot more sensitivity to versioning and awareness of granularity; you aren't working on this monolithic thing in need of repair but on a collection of components which can be individually upgraded. Partly psychological, yes, but you also have the advantage of simply leaving out "risky" components until you can get everything up to date. You can run a Linux OS with no services, nothing particularly visible except the interface you're downloading updates through. That's not an option with Windows.

    --
    "There are hundreds of game theorists at the gates, sir, and they want to hold an election!"
  15. Re:PLEASE MOD PARENT UP! by geordie_loz · · Score: 5, Insightful

    I agree that this is a secure thing. The problem is, nowhere does it tell a novice user that you should enable the firewall, connect to the net then, download patches, then you're secure

    The problem with the security is not that the machine can never be made secure, but that it starts out as a terribly insecure product. This is a problem. Most users are out of the box users. They have no understanding, so they don't know about the firewal etc.. They're told by MS that for security they need to patch using windows update. The point above is that this isn't actually that secure, and while this is happening a compromise can take place.

    The main issue here is the slack standards Microsoft use to get their products out the door, and their trade off of complexity to security. They are scared of treating their customers with intelligence, and educating them correctly about the actual process of securing and methods of attack (not necessarily at too technical a level) so good practices are used. For fear of confusing the users the XP SP1 firewall is off, and it's not the only software that has all the security off by default.

    If normal users understood that direct connections to the net were bad, they'd all buy routers, they'd consider firewalls, probably ones configured to block all but MSN, E-mail and web access, and we'd live in a considerably more worm free world.

    The OS may be securable, but it is not secure by default!. That is the problem, because most users don't do anything but the default (hence Explorer's 90% market share)