Re: Security comparison between Microsoft and Linux

From: James H. Fox (foxjh_NOMAILSPAM_AT_rcn.com)
Date: 12/21/03

• Next message: Sue Doo Nym: "Re: Home Network and Firewalls"
• Previous message: Hairy One Kenobi: "Re: Check for security loop holes"
• In reply to: sponge: "Re: Security comparison between Microsoft and Linux"
• Next in thread: sponge: "Re: Security comparison between Microsoft and Linux"
• Reply: sponge: "Re: Security comparison between Microsoft and Linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sun, 21 Dec 2003 12:49:04 -0500

sponge wrote:
>> Of course, as long as you disable all but absolutely necessary
> services in Linux or Unix, you will (all else being equal) be a bit
> more secure in Linux or Unix. The key thing here is to disable
> unnecessary services, like sendmail or SWAT.
>
> That's the key, vital, ever-so-important point: All else being equal,
> any major OS can be as safe as long as the user and administrator
> harden it enough by removing unnecessary features, and as long as the
> user uses some basic tools and some good sense ("safe hex"). A golden
> rule in the security business is that "feature = potential exploit".
> This is especially true where MS products are concerned, as, again, MS
> doesn't pay a whit of attention to security risks of each new
> "feature".
>
My limited knowledge of Linux suggests that you can install most programs
with only "user" rights (if that is the right terminology). That is, you
don't need root access for most purposes. This is nice for protecting the
root files and those of other users, but it is not good news for preventing
trojans and worms from installing, whenever the hackers get around to
producing them. On the other hand, Win2K or WinXP in a "user" account seems
to be quite secure; I don't think anything can install without your knowing
about it. Maybe Linux can be made just as secure, but I have not found the
way.

---

• Next message: Sue Doo Nym: "Re: Home Network and Firewalls"
• Previous message: Hairy One Kenobi: "Re: Check for security loop holes"
• In reply to: sponge: "Re: Security comparison between Microsoft and Linux"
• Next in thread: sponge: "Re: Security comparison between Microsoft and Linux"
• Reply: sponge: "Re: Security comparison between Microsoft and Linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: linux newbie: how to stop port scan abuse? ... OK, once you have a clean system, you need to secure it. ... you start, stop, or restart a currently-running server/daemon (think W2K ... The base Linux installs are pretty secure, but the services that run by ... The RH7.3 install only ... (comp.os.linux.security) Re: Control hidden folder/file settings? ... Unix tends to be almost endless ... friendly") in Unix/Linux than in Windows. ... The only Linux programs I can think of that behave this way ... installed on Linux, there *is* a way to install in some place ... (comp.os.linux.misc) Re: Free Commodities Are Abused ... >>It's just as hard to secure a UNIX box as it is a Windows box, ... ALL software sucks. ... I use Linux for all the reasons you listed above, ... (sci.crypt) Re: Detecting Unix flavors ... >> and other Linux variants. ... .xscreensaver file itself. ... according to the Unix flavor. ... for further details on the Unix install. ... (comp.lang.java.programmer) Re: The Problems With Linux ... > Here are the problems with Linux: ... programmers of UNIX, Open Source software, and Shareware. ... programs only available from BSD. ... BSD code is used by Microsoft in it's Windows NT/9x/2K/XP code. ... (comp.os.linux)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)