Re: Windows 2003 Server security vs Red hat Linux

From: Jeff Cochran (
Date: 09/30/04

Date: Thu, 30 Sep 2004 00:08:22 GMT

On Wed, 29 Sep 2004 12:47:04 -0700, "Todd"
<> wrote:

>In the spring I attended Micrsoft's security summit in Detroit. I found the
>summit informative and very beneficial. The people from Microsoft there made
>reference to a Gartner study that compared a Windows 2003 server side by side
>to a Red hat Linux server for the course of one year. The study concluded
>that Microsoft was much faster repsonding to vulnerabilites and had less
>security flaws than a Red Hat Linux box. Does anyone know where I could get
>a copy of this study to present to our management here. The Linux camp
>amongst us here are pushing Linux and us Microsoft people want to keep and
>upgrade our existing Windows environment as a Windows environment. Thanks to
>all who can help me find this article.

You can probably get the study from Gartner, though it won't be cheap.
And while there are never any true winners in the Linux vs Microsoft
wars, you should likely pitch the true costs of the operating systems
as affected by the given tasks. Such as how much it costs to find a
DBA for Linux versus a SQL DBA, or the availability of Perl/PHP
developers versus ASP/.NET developers. Or even Linux Admins vs
Windows Admins, or help desk costs or...

You get the idea. If you pitch Windows as the best solution across
the board and they're hammering security, it's easier to come out
ahead. Secuirty is rarely the deciding factor in platform choice.


Relevant Pages

  • SecurityFocus Microsoft Newsletter #49
    ... Subject: SecurityFocus Microsoft Newsletter #49 ... Microsoft Windows NNTP Denial of Service Vulnerability ... Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability ... Microsoft ISA Server H.323 Memory Leak Denial of Service... ...
  • SecurityFocus Microsoft Newsletter #154
    ... MICROSOFT VULNERABILITY SUMMARY ... ISS RealSecure Server Sensor SSL Denial Of Service Vulnerabi... ... Roger Wilco Remote Server Side Buffer Overrun Vulnerability ... available for Microsoft Windows operating systems. ...
  • SecurityFocus Microsoft Newsletter #77
    ... MICROSOFT VULNERABILITY SUMMARY ... Novell GroupWise Web Root Disclosure Vulnerability ... Microsoft Windows NT Security Policy Bypass Vulnerability ... CVS Server Global Variable Denial Of Service Vulnerability ...
  • Re: after installing KB011829 OWA is not working anymore
    ... Windows Vista or IE 7.0 no longer includes support for the ActiveX control ... The resolution for this issue is to install hotfix KB 911829. ... and to the back-end server. ... Microsoft CSS Online Newsgroup Support ...
  • SecurityFocus Microsoft Newsletter #153
    ... MICROSOFT VULNERABILITY SUMMARY ... ZoneAlarm Random UDP Flood Denial Of Service Vulnerability ... FloosieTek FTGatePro Mail Server Path Disclosure Vulnerabili... ... Microsoft Windows NetBIOS Name Service Reply Information Lea... ...