If you've ever read or actually followed bugtraq, you would know that a fair number of these 'vulnerabilities' are simply misconfigurations (file permissions, suid...). Also, linux distributions post vulnerabilities about every peice of software bundled with their distro from netscape to gpm. This list of vulnerabilities does not reflect the robustness of linux, but rather the entire suite of programs ever packaged under linux. (I think debian is up to 4500?) 122 vulnerabilites out of 4500 or 99 vulernabilites out of a handful of microsoft products. The only notable vuln pertain to linux as an o/s was the capabilities bug from kernel Also, as many point out, this guy is on microsoft's payroll. Notice how he mentions that
In 1999, the year it took over the server market in earnest, Windows NT totaled 99 new
vulnerabilities on the BugTraq list. (So far in 2000, the count stands
at 37.) This looks like an alarmingly high number in comparison with
Solaris' 34 or NetBSD's 10, but it is significantly less than the 122
racked up by Red Hat and the other Linuxes (their 2000 count stands
at 47).
and by simple math, he concludes
If you look this list over, and measure each system's number of vulnerabilities against the number of its customers, Linux is arguably the worst operating-system product in history, and Microsoft's the best.
> 1. Converting MC*E types to Linux > 2. Convincing new admins that they would really rather do Linux than Winders
Agreed. However, this product has no place in a production environment. Administering a unix server takes more than what any single GUI can give you. You can't anticipate every flat file or program that is going to be installed with a module. Shell interaction is the backbone of *nix and its not going to go away anytime soon.
That being said, this product is a great starting point for newbies/MC*E on their home computers. I applaud the efforts of Mount Linux for (at a first glance) a nice step in the right direction. It can give a newcomer a feel for how things work and (generally) where to goto find information. Knowing that in order to disable telnet, one must go into something called "inetd", is a nice baby step to knowing that inetd.conf is in/etc. Being that unix is as flexible as it is, admins must be competent in their abilities and be able to properly set things up. I would rather have a smaller number of well maintained linux servers than a large number of insecure or broken linux boxes. Administering a unix server requires a certain level of knowledge. I think this product could definately help as a step stool, but not a whole lot more.
> Category 4, new admins, is much more fertile. Lots of aspiring admins go the MCSE route. There are a number of reasons for that, the biggest being that MCSE is an instant > credetential. Enter half the reason for script kiddies can do whatever they want on the internet. People use certification as an benchmark for knowledge. Certification is nice to show that you know some stuff, but is no where nere a minimum requirement for someone to administer a server.
>We have responded to that in part with the Red Hat cert. Another major reason for the continued success of NT is the illusion that it is easy to admin (it's an illusion > because the troubleshooting of inevitable failures, in the long run, more than make up for the crunchy point-and-click ease of setup). This is why olypus should be a good starting point. Aspiring admins can see the stability and ease of maintenance without having the frustration of a steep learning curve to see results.
> By giving a straighforward config interface to > Linux servers we provide newbies with real ease of use. I like to think of this in terms of "total ease of ownership". Once Linux runs, it runs. Easy. Making the config easy is step two. Every attempt at making a configuration easy, usually results in a loss of functionality or flexability. It should only become easy, by people becoming more skilled in what they do, not in the interface.
Slashdot Mirror
No it is not based on anaconda.
Screenshots
Nothing, but that will terminate the current shell process and thus the rest of the line will not be executed.
# su - nobody
$ exit; rm -rf /
will NOT delete your entire will system. The entire idea of a secure system would be a joke if that worked.
- In 1999, the year it took over the server market in earnest, Windows NT totaled 99 new
- vulnerabilities on the BugTraq list. (So far in 2000, the count stands
- at 37.) This looks like an alarmingly high number in comparison with
- Solaris' 34 or NetBSD's 10, but it is significantly less than the 122
- racked up by Red Hat and the other Linuxes (their 2000 count stands
- at 47).
and by simple math, he concludes- If you look this list over, and measure each system's number of vulnerabilities against the number of its customers, Linux is arguably the worst operating-system product in history, and Microsoft's the best.
Wouldn't that make netBSD the best?-Uto
> 2. Convincing new admins that they would really rather do Linux than Winders
Agreed. However, this product has no place in a production environment. Administering a unix server takes more than what any single GUI can give you. You can't anticipate every flat file or program that is going to be installed with a module. Shell interaction is the backbone of *nix and its not going to go away anytime soon.
That being said, this product is a great starting point for newbies/MC*E on their home computers. I applaud the efforts of Mount Linux for (at a first glance) a nice step in the right direction. It can give a newcomer a feel for how things work and (generally) where to goto find information. Knowing that in order to disable telnet, one must go into something called "inetd", is a nice baby step to knowing that inetd.conf is in /etc. Being that unix is as flexible as it is, admins must be competent in their abilities and be able to properly set things up. I would rather have a smaller number of well maintained linux servers than a large number of insecure or broken linux boxes.
Administering a unix server requires a certain level of knowledge. I think this product could definately help as a step stool, but not a whole lot more.
> Category 4, new admins, is much more fertile. Lots of aspiring admins go the MCSE route. There are a number of reasons for that, the biggest being that MCSE is an instant
> credetential.
Enter half the reason for script kiddies can do whatever they want on the internet. People use certification as an benchmark for knowledge. Certification is nice to show that you know some stuff, but is no where nere a minimum requirement for someone to administer a server.
>We have responded to that in part with the Red Hat cert. Another major reason for the continued success of NT is the illusion that it is easy to admin (it's an illusion
> because the troubleshooting of inevitable failures, in the long run, more than make up for the crunchy point-and-click ease of setup).
This is why olypus should be a good starting point. Aspiring admins can see the stability and ease of maintenance without having the frustration of a steep learning curve to see results.
> By giving a straighforward config interface to
> Linux servers we provide newbies with real ease of use. I like to think of this in terms of "total ease of ownership". Once Linux runs, it runs. Easy. Making the config easy is step two.
Every attempt at making a configuration easy, usually results in a loss of functionality or flexability. It should only become easy, by people becoming more skilled in what they do, not in the interface.