On Friday May 13 2005 15:42, Shlomi Fish wrote:
> > > Actually, a default install of Fedora took several months to break
> > > into. As opposed to less than 20 minutes for Windows.
> >
> > Could you please provide the source for that claim?  I remember an
> > anecdotal honeypots research in recent years done to test that. But
> > there they actually have made the installation less secure than the
> > default (bad passwords, extra services available).
>
> I heard of the 20 minutes of Windows from two different sources. I found
> the Linux one on LWN.net IIRC. (or Slashdot?)
>
> BTW, the Fedora system wasn't updated with timely updates, which makes it
> even more impressive.

OK, this is just not true. The fact that windows boxes mooning the whole Net 
get hacked in a number of minutes represents only the sole fact that hackers 
love the windows boxes more. Why? Let's look at that from a cracker's point of 
view:

1) The majority of windows users are bereft of gorm. They don't have anything to 
protect them. They don't patch up vulnerabilities on a regular basis. Thus, 
writing automatic tools to "scan, try a number of latest win exploits, if 
successful, upload zombie software and patch the hole, rinse, repeat" whole 
network segments actually pays up in gold. There are people earning their 
living off that. As for linux users, you can expect a clue from someone who 
managed to eventually install it.

2) As previously said, there are far more windows boxes than linux ones. 
Moreover, there are more windows workstations than linux ones. Servers are 
generally harder to crack, as they are set up by a professional. See #1.

3) One can live for years on a windows box. The only thing one has to worry about 
is the plain old "format c:; reinstall windows". Be a good guy, make yourself 
a silent backdoor, clean up the viruses and spyware, patch up the holes in 
time, perform the maintenance tasks and don't slow up the games too much. As 
long as the user feels no discomfort, the cracker is safe. As for linux, the 
system administrator actually pays attention to what's running and bandwidth 
usage.

4) Statistically speaking, windows workstations have less uptime than linux 
ones. So, they change IPs more. Do I have to mention why this is good?

There is almost no difference in how hard the default install of windows or 
non-hardened linux is to break. Any default install is weak, even with 
latest updates, and cannot withstand brainstorming by a team of crackers. The 
interesting experiment of a default install caught in a sweep of automatic 
cracking software only shows that spammers and DDOS coordinators still have 
the money to pay for zombies by the thousand, and not by quality. The only way to 
get thousands is to mass-crack windows workstations. Who has the time to do 
it manually?

Setting a honeypot is much like throwing a theoretical hook to a random 
location in the ocean. There is a tiny chance to catch a small fish, 
infinitesimally small chance to catch a big one, and a big chance of having 
your hook caught in someone else's fishing net.

-- 
Sincerely Yours,
Michael Vasiliev

"...this does not mean that some of us should not want, in a rather
dispassionate sort of way, to put a bullet through csh's head."
Larry Wall in <[EMAIL PROTECTED]>
