I can attest first hand that this is NOT the case. My wife and I each have
Win laptops that are work issued that we use through VPN software to connect
into our businesses over cable. Mine has firewall software installed. Hers
does not. She was trying to arrange one through her place of businesses,
but in the mean time wanted to configure her machine to use the cable svc.
The laptop was hooked into the cable for just UNDER TWO HOURS (just to
setup, install a new Netscape and put in a little "Wow, this is SO fast"
time). When she took the laptop to work the next day and started it up,
Norton advised her that a virus file was detected and she told Norton to
delete it. After that, every single executable on her machine failed to
start...instead giving a notice that "could not find ********.exe required
to run applications" (I don't remember the name of the file right now). I
asked her to start up Explorer, but that produced the same results. We were
able to get into Explorer by doing a right-click on Start and choosing
Explore, and after looking at properties it turned out that "Application" no
longer said [EXECUTE] but rather pointed to an executable. So everytime you
try starting any app in Windoze it launched a trojan first and then your
app. However, since she asked Norton to delete the trojan, this resulted in
the fact that every single app on the machine failed to start at all
(including all anti-virus, backup and RegEdit software). Long story short,
she managed to play with it for a few hours, get RegEdit to start as a batch
file (rather than .exe) and get it cleaned up. Since it was a work-related
box, she still had it "gold-disked" and has a fresh start in the event there
were any remains of the attack. She lost several days worth of work
however. She did manage to get a firewall program out of it. :-)
I haven't studied Win cracks much and she didn't have any "evidence" left on
the machine, so I couldn't tell you exactly what was done by the intruder.
I do know that she is the second family member running a cable connection
that has been attacked. The other, a sister-in-law in Maine, had her Win
box apparently used for a DoS attack and she very nearly faced
excommunication by her provider. They left their system on 24/7 (they were
Napster-addicts) and it was apparently very popular with a couple script
kiddies. For many personal reasons, not the least of which is I think it's
going to be "fun" (warped?), I am working on configuring an extra Linux box
as a fire wall. Other people use the hardware versions. No matter what you
choose, though, keep in mind that a Win box IS vulnerable. I think there
are two reasons that you don't hear much about Win boxes being cracked.
First, most in-duh-viduals don't have anything interesting on their home
box. Second, many script kiddies are doing their cracking FROM Win boxes
themselves and already know they suck for serious internet work. These
people are looking for a system on the net that has everything they don't
have. If you drive a Ford Fiesta and want to steal someone else's car for a
joy-ride, you are not going to steal another Fiesta. You're going to look
for someone with a Porche who left their keys in the ignition, window rolled
down, and alarm turned off (ie a "right from the box" Linux installation).
-Larry
> -----Original Message-----
> From: Greg Kettmann [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, April 25, 2001 2:23 AM
> To: [EMAIL PROTECTED]
> Subject: My Firewall Breach. A concern.
>
<SNIP>
> Does this mean that Windows is a fundamentally safer system for use on
> the Internet?
>
> Windows users aren't reading the security briefs and "patching" their
> systems, yet it's been suggested that's what is required in the Linux
> space. The rather strong suggestion is that if you're not going to
> invest some time into our Linux box you can expect problems and that
> you're effectively liable for what some cracker does if he breaks in.
> I'm just not seeing this problem in the Windows space and this is making
> it sound like running Linux on the Internet is a very risky proposition
> and certainly a poor choice compared to Windows.
>
>
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
