So let me ask you: if I were to give you an out-of-the-box copy of XP and an out-of-the-box Red Hat 8, and told you that your most personal secrets are going to go on one of these boxes, naked on the internet with no security software installed, which would you choose? (Let's assume you have 2 hours to configure each box at the time of install.)
This discussion was not about ease of use, it was about security. But just to make you feel better, Red Hat GNOME has a little button that flashes whenever there is an update available; you click it, see what update it is, and click install.
Personally, two command lines which could be set to run in cron (i.e. every day with zero intervention) do not make a system less secure than going to windowsupdate.com.
Now let's strip it down beyond bugs: the OS structure of Linux itself provides more security over resource control than Windows does. *nix systems are built with multiple users in mind, and Windows is built with multiple features in mind.
Red Hat has a nice big flashing red button with update advisories, even big enough for grandma to read. The best part is she does not have to read any of those small-print EULAs that come with the MS updates.
Black hats know about vulnerabilities:
1) Before they are fixed
2) Before the vendors inform owners of their software of the vulnerability
This is inexcusable. Maybe if I know about an unfixed vulnerability I may move some critical data off of a vulnerable system, or take a network segment off the internet, or block a certain port, or one of a thousand things that can protect me against people who know about the problem.
Slapper is a good example. Assume that Slapper was out before the patch: if you know what it is and how it works, you can just do a touch on the file it tries to compile to and set the rwx to 000.
The reason *nix admins make more $$ is because we can maintain more servers than a Windows admin. If I have to set up a network with 20 servers, I can find one Unix admin to take care of them (imho 20 is reaching your upper limit for an average admin). For 20 Windows servers you're talking 2, **maybe** 3 admins; you're not that much cheaper.
I also like the 80%/10%->80% other bs stat. I would really like to see a source on the number of servers active. I was under the opinion that in the server market Linux had about 20% market (I could be wrong). When you add SUN, AIX, HPUNIX, and now OSX (I'm sure there are others I don't know about that have a decent share), Windows has much less than 80% of the server market.
Now you are right that Windows has gotten a ton better, but for every two steps forward they take in software (I would use 2000 as a desktop and **maybe** for some server apps on a small (200 clients) network), they take two steps back, imho, in terms of their EULAs. That being said, I hope MS does fix its problems; 2000 was a decent server OS.
No, but I will give you the crypt. I don't use abc123 or my name because I am relying on a piss poor password and just hoping because nobody knows it I'm safe, kind of like relying on a piss poor application or hoping nobody violates your system because you have not published a vulnerability.
Really, Nimda was not a problem for servers? It used IIS to propagate across the network, dimwit. Servers which had neither Outlook nor Express but were running IIS (ding ding ding A FRIGGEN SERVER TOOL) spread Nimda to any network share it had open!
Now MS is responsible for this because they produce IIS; Apache has nothing to do with Linux other than that it runs on the OS.
You want to talk about which is a bigger risk? Nimda would give administrator permissions to guest accounts and share all drives RWX (even on the IIS servers without Outlook/Express). The number of infected webservers using IIS was more than 100 times the number of Linux with Slapper.
Slapper otoh is used for DoS attacks and does not change permissions on any important data elsewhere in the system; it also does not augment user permissions on the server.
Security through Obscurity is **ALWAYS** bad. If I pay you for a system I damn well better know the minute you know of a hole in that system. And while MS is not telling its current customers about vulnerabilities in their system, they are selling more as being 'secure'. It's deceptive, period.
To get Nimda all you have to do is be on an NT4 (maybe NT5, I'm not sure) domain with a shared storage resource with an infected computer; Outlook Express is not even needed.
Beyond this, the article refers to Slapper and the like, many of which will not hinder a Linux system of your average user. How many people run Apache with OpenSSL on their system, really? And of those people, how many do not keep the revs up to date?
My home box has Apache, but no SSL; I really don't need secure transactions that much. If I did, I would keep it up to date just like everything else I use. Now let's look at Nimda: what % of people on Windows use Outlook/Outlook Express, and of these how many would not keep their system up to date?
Point is, one is a server daemon exploit (used by a very small % of Linux servers, say 10-20% tops), and one is a mail client exploit used by a majority of Windows users (so there will be many more out-of-date versions per capita).
Depends on the environment you're in. If you have 10 servers, MS will probably be cheaper because you only need one admin if you're on *nix or Windows, and frankly we cost more per seat.
If you have a system of 100 computers you now need two, maybe three *nix admins, whereas you need a minimum of 6 Windows admins.
I'll put the record of Apache up against that of IIS any day. I have yet to see any bugs which carry the scope of problems IIS bugs/exploits do.
Wait a couple of months. When, or should I say if, Mac ever gets serious market penetration you will see exploits for them as well.
Because I have yet to get a patch that changed my EULA.
Actually there are many birds faster than the cheetah, just fyi.
You gotta be kidding; the number of stack overflows alone in the NT core OS is more than all Linux-based issues.
I am surprised and disappointed in Sony et al. for going after mod chips.
Why the hell does the application base mean anything when talking about the structural security of the operating system?
If you wanna talk with the grownups, get a clue.
Linux is closer to UNIX than NT is to VMS, but not much, and not very much at all in the lower levels of the OS.
And NT owes much of its development to VMS, which is also very very old.
Oftentimes surveys have a 'not sure' category.
Never said it did, chunky. I take a lot of fire here for bitching about MS using the courts for the Xbox.
But TCO does not matter to a student, so what's your point??
I guess, but keep in mind it would only take one tenth the monkeys to operate a Linux network ;)
And what? So no studies about operating systems and web servers can be posted on the net because then there will be a bias?