Even if you are running only services you want, those services still may require updating and monitoring. If someone isn't keeping up on updates, etc and they get hacked because of it then they get what they deserve and I feel no sympathy for them. Just because Linux/Netware are stable OSes doesn't mean they don't need babysitting (By this I mean: watching the logs, monitoring the network they are on). The problem with the average NT/2000 or MCSE administrator is that Microsoft is promoting lazy/cheap administration. A lot of those administrators that come over to linux bring those bad habits with them, and when something bad happens they blame it on the OS when the blame should in fact lie with themselves. Just my 2 cents.
> One of the benefits of Linux is that it doesn't need to be babysat. > > I know this is an arguable thing, but I like that I set up a machine at > one of our remote locations, and it hasn't been signed into in well over > a year. > > It's fine to say "be on top of things", but I want a server that runs > like this... http://www.networkcomputing.com/1119/1119f1products_2.html > > And I'll argue that exploit or not, this basically offers that ability. > > Unlike NT, Linux and Netware both run only services that you want them > to, rather than needing repeated security patches for things like MEDIA > PLAYER on a server. > > I wonder if anyone would notice if I used a Database server for watching > DVDs throughout the day. Maybe, but then they do have GL screensavers > too. > > Kev. > > > > ----- Original Message ----- > From: "Trevor Lauder" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> Sent: Monday, September 16, 2002 12:22 PM > Subject: Re: (clug-talk) Linux gets a worm! > > >> Actually, worms under linux have existed for a while now... and even >> longer under unix. As for this exploit, I really hope anyone here >> running SSL had that patched a while ago because the patch for that >> exploit came out about a month ago. This exploit is targeting servers >> that haven't been updated in a at least a month and it's actually >> hitting lots of people, pretty sad when patches have been available >> for a while now. >> >> >> > -----BEGIN PGP SIGNED MESSAGE----- >> > Hash: SHA1 >> > >> > Finally Linux is worth the time for someone to make a worm. Easy to >> detect, easy to defeat, and dose not affect my server but still a >> worm. >> > >> > > http://securityresponse.symantec.com/avcenter/security/Content/2002.09.13.ht > ml >> > >> > Yes I run Apache but I don't use SSL. If you run SSL you must read >> this. - -- >> > Roy Souther <[EMAIL PROTECTED]> >> > http://www.SiliconTao.com >> > >> > Live to code, code to live! >> > -----BEGIN PGP SIGNATURE----- >> > Version: GnuPG v1.0.6 (GNU/Linux) >> > Comment: For info see http://www.gnupg.org >> > >> > iEYEARECAAYFAj2F83YACgkQCbnxcmEBt434oACgqPHbAWIcOBX6m7jOUZ2rsLJR >> 1YoAnRkdLTB42p8mS+WlaDuB5L7nV39+ >> > =YkE6 >> > -----END PGP SIGNATURE-----
