Reprinted from Kibbles & Bytes, the Small Dog Electronics newsletter. http://www.smalldog.com
"Honeypots and Macs In a recent test by USA Today and Avantgarde, a San Francisco tech marketing and design firm, six computer systems were set up as "honeypots" for two weeks to see what kind of malicious traffic they would attract. Of course, once the testers determined that the machines were compromised they were shut down. This test did not measure web attacks that require active user participation, such as spyware and spam that comes from actively visiting contagious web sites or opening virus-laden email attachments. Rather, the machines were simply connected to the net via a DSL line and left alone to be monitored. They used four Dell desktop PCs running various configurations of Windows, a Mac running OS X, and a Microtel Linspire running Linux. The results were outstanding. Break-in attempts began as soon as the machines were on the net and continued at a fast and furious pace, with an average of 341 attacks per hour on the Windows XP machine. With firewalls activated on any of the systems, the attacks declined to four per hour. Ryan Russell, one of the researchers, explained, "The firewalls did their job. If you can't get to them, you can't attack them." There were no successful compromises of the Mac, although there were a similar number of attempts. Intruders repeatedly compromised the Windows XP box through the same two security holes used by the MS Blaster and the Sasser worm. Intruders were able to seize control of these machines to send out spam, to serve up spamming web sites, and to hijack other computers. Once the system is compromised and under the control of the hacker it can be used for a number of nefarious purposes, including joining other computers to form a big spamming network -- all operating right under the nose of the unsuspecting user. It is the outstanding security record for the Mac, or perhaps the miserable security performance of Windows machines, that will ultimately build the Mac market share. It is the single most compelling feature of OS X that we talk to customers about each day. It only takes a Windows customer a few moments to realize that a lot of his or her headaches from viruses and worms will be lessened with OS X, and to start looking seriously at making the switch." | The next meeting of the Louisville Computer Society will | be January 25. The LCS Web page is <http://www.kymac.org>. | List posting address: <mailto:macgroup at erdos.math.louisville.edu> | List Web page: <http://erdos.math.louisville.edu/macgroup>
