On Sunday 22 August 2004 02:14 pm, Vincent Voois wrote:
> Or by leaving it as it is.
> I believe Mandrake Linux is delivered with default firewall settings in a
> similar way XP's firewall is set by default. (turned off)

Ah, so you don't remember selecting a security level when you installed Linux, right? If you select a higher security level, the poor man's firewall of a host.deny ALL but localhost is installed and that effectively cuts off all outside network access to all services, bar none. And all services are only available to localhost, not to the outside network, nor even to local LAN ranges. So, it all depends on what you mean by default settings.

> I sometimes service server hardware of small business offices and none of
> the inside staff has any idea how this server operates. They just switch
> the tapes because that's what they're supposed to do at the end of each day
> (how they were instructed). The real server managers are third party
> service companies that do remote service and support for those offices.
> They sometimes screw up and don't even notice it, the local users neither,
> since they haven't got a clue what's going on.

I don't know of any enterprise running Linux servers that doesn't have at least one person on hand to do day to day administration and configuration. YMMV. It is possible, from my experience, to get an MSCE and still not be able to properly troubleshoot or administer computer systems, we have a few in my office. So, if you were referring to Windows servers, I have no doubt that might be the case.

> But don't forget: some individual home users have access to their company
> network through VPN (when enabled). I've seen backdoor infiltrations in
> company LANs thanks to the laptops or private desktops of their employees
> that hosted the backdoor, which could infiltrate their system on regular
> basis.

I don't, even for a minute, believe that a hacker is going to target individual machines with the intent of gaining access to an enterprise through a VPN connection. Whether or not they might so happen to luck into such a situation, is immaterial.
It would be a one in a thousand shot and you would need to compromise so many machines to make this an effective tactic that it would be too much effort. Assuming that you would gain access to anything other than user files on the other end would also be a pure guess. And, if the client boxes are Linux boxes, that makes the effort considerably harder. So, I discount this totally.

We know that the vast majority of so called "hackers" are simply trying to get a large number of boxes to sell as spammer networks or DoS networks. They are also trying to get financial information, install keystroke loggers, and sometimes phishing for personal information for identity theft. I would imagine that the classic Hollywood image of a blackhat hacker is probably much more likely to be targeting Unix and Linux boxen and they are not using the vulnerability of the week MS worm to do their work. They are also much more likely to be hitting the server directly, not trying to backdoor through a VPN.

> But this can also be covered by supplying a machine configured with a COE
> (Common Operating Environment). Though the Blaster and Korgo virus (and
> variants) didn't care about restricted local user-policies on Windows 2000
> desktops with COE and thus infiltrated anyway. As the same was with Sasser
> which even teased some of the unpatched desktops in our own office, they
> weren't infected, but the LSASS driver didn't like Sasser's intrusion
> attempts either. As with some ACD-servers which didn't seem to be patched
> either.

Using Windows viruses bypassing security measures as examples of compromising machine methods on a Linux mailing-list is especially hilarious. Please keep going, you are making my point much better than I appear to be doing.

> Some viruses can really cause a pain in the ass, no matter how well company
> backbones are protected from within their networks.
> So it's pretty well
> important to protect machines that connect from outside the network as well
> as the machines from within. (also meaning that each company should have a
> COE policy that no user may enter a network with a non-company desktop or
> containing a self-installed OS)

Yes, it is important to protect all "Windows" machines that connect from outside the network because of the havoc that viruses can cause, I am in total agreement. Thanks for the help. I thought I was doing well myself, but it never hurts to get help.

> It was a simple example anybody can check, I do not really feel tempted to
> post complex hack or crack tricks including the servers these tricks work
> on, on a forum like this.

Assuming that you have any for Linux boxen. I am not really interested in hearing tricks for MS machines, I can google for those on Astalavista. However, I, for one, encourage you to post all known hacks or crack tricks for Linux boxen to this list. Please feel free to do so. I will take the heat for encouraging you to do so. Open Source software is all about contributing and you make the platform stronger by sharing. I don't care which forum it is, for each vulnerability that you disclose, I would expect a patch within a matter of days. And, not only will you not be sued (as MS has threatened to do in the past), the developers will probably thank you for the disclosure.

> >> On Linux this is harder to accomplish.
> >
> > I would probably file that one into the "understatement" column.
>
> Depending on how well the box is being protected.

No qualification needed. Depends on nothing. Propagating a virus is so very much harder to accomplish on Linux than on Windows. Period. Nothing further need be said. Any statement to the contrary should be backed up by real examples or evidence.

> > However, if I were to compare a runaway skateboard travelling at 80 mph
> > to a Volvo traveling at the same speed, in terms of safety, I doubt that
> > I would arrive at a conclusion that they are the same because they both
> > involve some risk. I would not classify such a statement to really be
> > painting an accurate portrait of reality.
>
> Which of the mobile devices in your metaphor is classified as windows?

The skateboard is Windows, the Volvo is Linux. I would have thought that was pretty clear. As in, which OS would a reasonable and semi-knowledgeable user feel safer running? I only have to Google for "computer threats" to come to conclusions.

> Yeah, thousands of black hat MS tools, but not many of them survive updates
> or patches to the kernel that protects the SAM hive. I had a tool called
> locksmith coming with the Super ERD cd, well I don't know what it's
> supposed else than resetting local admin passwords, but it did anything
> except that on NT 5.0 or higher version platforms. Nordahl's bootflop is
> the one I'll stick to.

Again, I know of at least one vulnerability that even survived the update that was explicitly supposed to fix it. And there were others that were publicly disclosed 6 months before a patch was issued. And, given the size of the updates, the relative infrequency with which admins install them lest they break functionality, plus the fact that you don't really know what you are actually installing and the inevitable additional vulnerabilities created by the updates, I can't imagine a problem finding blackhat tools for Windows. If that day ever comes, I will paint the Windows logo on my face and sing "Start it Up" at the local Linux LUG.

> > And, just in case you missed the point, I was expressing my disagreement
> > with your point. Linux, by design, in implementation, with existing
> > security flaws, is specifically safer than Windows.
> > Also, blanket
> > statements like no
>
> But I already stated Linux is safer than Windows in the first mail.

Quite true. You said: "It's because Windows still dominates the most of the current user- and business-market that most people don't bother themselves in hacking Linux." This implies that the only reason that Linux is safer than Windows is that people don't bother themselves in hacking Linux.

So, just to clear up any possible misconceptions, I hold that your assertion is a load of bunk. FUD, otherwise known as Fear, Uncertainty, and Doubt that has been spread by MS and its shills to explain their tragically high number of software vulnerabilities, viruses, worms and other threats compared to Linux. Linux is not safer simply because it is not targeted, it is safer by design, transparency, peer review, implementation, reliance on standards, openness, etc. I could go on, but I think that my point has been made. So, if you had any idea that we had reached an agreement about the safety of Linux compared to Windows, you should be disillusioned from that now.

> It may be demonstrable, but can you point out each security bug of each
> OS and compare the severity of them with each other? Though "Generally"
> would have been the wiser choice for me to pick instead of specifically.

There are published reports of vulnerabilities and patches issued for Linux. I assume that there are similar announcements for Windows (although that is quite a leap given that MS doesn't publish vulnerabilities that are disclosed in private to them until they fix the vulnerability, sometimes years after being notified). However, I have read research reports that note that Windows machines are compromised more often than are Linux machines, and that is based on comparative percentages of machines in the market, not hard numbers that can be attributed to market share.
For the record, out of personal experience, I ran and run Windows on a number of computers (work) and have been running Linux for about 4 years now on my home machines. None of my home machines have ever been compromised or hit by any outside threat. I have been the victim of DOS and Windows viruses in the past. So, from my personal experience, Linux is safer. Also, it is harder and more expensive to secure a Windows platform than it is to do the same with Linux. I will note that firewall software (good firewall software), virus detection engines, intrusion detection software, and myriad other security packages (log watchers, root kit checkers, etc.) are all available for free for Linux. These packages cost money for MS. Enough said.

> MS give demonstrations about how their OS can crash at the most undesired
> moments. I still laugh about the introduction-show of Windows 98 where
> loads of cameras captured the blue screen when the demonstrator made an
> attempt to do something spectacular with his laptop.

Of course, none of these are intentional. Just a byproduct of a crappy OS.

> I have enough experience with Windows environments and I know their flaws,
> but I also know how to shut down vulnerabilities, with or without help of
> MS patches.

Well, you know how to shut down the vulnerabilities that MS or others tell you about. You probably don't know how to shut down the ones you don't know about and no matter what else we know, we know that closed source probably has more vulnerabilities lurking that you don't know about than does open source. That is simply because there are more eyes looking at open source and it is easier to find potential vulnerabilities when you have the source code.

> With Linux, I know what to watch out for and I can secure my accounts well
> enough to keep visitors with unwanted desires of my box, I've not made
> myself aware yet of what kind of patch or upgrade method is used with
> Mandrake.

Well, here is free info.
Whatever method you want. Use Mandrake's RPMs to patch your software or simply compile and roll your own versions as the new source is put out for each application you run. Totally up to you. Ain't OS grand.

--
Bryan Phinney
