You know, I love the whole "linux is more secure" bullshit that a lot of people get hooked on. I had a vendor connect to one of my networks (with 3gbps of uplink, screw your DS3, kid) a couple weeks back with a set of servers running CentOS. Default install, right out of the box. It took less than a day for the entire setup to get hacked, causing me to disable their uplink. This is the second vendor we have had who brought in Linux servers that have been compromised. On the other hand, our IT department, that controls our corporate data center, has over a hundred windows server 2003 machines that have *never* been compromised.
What this says is simple; its not the operating system, its the user or the administrator. New sysadmins rarely understand true security. And new sysadmins rarely administer the Linux servers - they get stuck with the Windows servers and keeping all the Windows desktops safe.
I am not defending Windows. I am not promoting Windows. If I need a DNS server, I use Linux. If I need a NEBS compliant server to team with with a softswitch, I use Solaris. If I'm capturing IP packets for troubleshooting, I use Windows. If I need a firewall, I buy one. Every job has the proper tool.
-Rob
Slashdot Mirror
You know, I love the whole "linux is more secure" bullshit that a lot of people get hooked on. I had a vendor connect to one of my networks (with 3gbps of uplink, screw your DS3, kid) a couple weeks back with a set of servers running CentOS. Default install, right out of the box. It took less than a day for the entire setup to get hacked, causing me to disable their uplink. This is the second vendor we have had who brought in Linux servers that have been compromised. On the other hand, our IT department, that controls our corporate data center, has over a hundred windows server 2003 machines that have *never* been compromised. What this says is simple; its not the operating system, its the user or the administrator. New sysadmins rarely understand true security. And new sysadmins rarely administer the Linux servers - they get stuck with the Windows servers and keeping all the Windows desktops safe. I am not defending Windows. I am not promoting Windows. If I need a DNS server, I use Linux. If I need a NEBS compliant server to team with with a softswitch, I use Solaris. If I'm capturing IP packets for troubleshooting, I use Windows. If I need a firewall, I buy one. Every job has the proper tool. -Rob