Rogelio Serrano wrote:
On 4/22/06, Michael Chaney <[EMAIL PROTECTED]> wrote:
On Thu, Apr 20, 2006 at 07:47:43PM -0700, Ariz Jacinto wrote:
activity of attacks regardless if successful or not.
severity can be found on security websites.
This underscores a point, though. Everytime you tell a Windows person
that Linux is far more secure, the mantra is "yeah, that's because
hackers like linux so they don't attack it as much". So we can't have
it both ways. If, in fact, Linux is attacked (successful or not) with
the same frequency as windows (and I would assume this is the case),
then in fact it goes to show all the more that linux is much more
secure.
But windows hackers are mostly windows programmers right? Majority of
these dont know unix at all.
The typical script kiddie attack linux because they hate linux and
when they fail they dig deeper. There are a lot of people out there
who hate linux.
Or was it because more servers in the Philippines are running on Linux now?
Actually, the way I look at the Inquirer article and the report of
philippinehoneynet, reporting is not only misleading.... it is confusing.
On the philippinehoneynet part, they did not specify how they classify
the attacks. Was the classification done on the basis of the nature of
the attack specific to a particular OS? Or are the
honeypot(s)/honeynet(s) composed of combination of OS/Linux systems and
they classify the attacks based on the number of attempts received by
each system? If the data was taken from their honeynets, what is the
statistical basis that the rest of servers in the Philippines are
experiencing the same attacks? This is pretty much like a survey
conducted by SWS... they ask the opinion of 500 or 1,000 peopl and say
that they represent the overall opinion of 84 million Filipinos.
If I will be doing a similar report and I want to be purposely biased, I
can deploy 5 Windows system and 10 Linux systems and say that Linux have
been attacked more.
Looking at the raw snort data
http://www.philippinehoneynet.org/charts_2006-03-29/ids_2006-03-29.csv
I believe, I am seeing the same kind of attacks in my PIX firewall
logs... and this is not specifically targeting Linux because we use
iPlanet as web servers.
From the data page
http://www.philippinehoneynet.org/data.php
there is only one mention of the word Linux and I find it interesting
that the Inquirer staff can make a big news about it. And to think that
the qualifying word is "indicates"... meaning, it was not very certain.
"Data indicates that more attacks are directed towards /Linux/ systems
as compared to /Microsoft Windows/ systems."
Of course, we're using "linux" in the broadest sense possible here,
probably not just to mean "linux-based operating systems" but in face
"open source operating systems".
Michael
--
Michael Darrin Chaney
[EMAIL PROTECTED]
http://www.michaelchaney.com/
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
--
www.smsglobal.net SMS Global Ltd Short Message Service For Seafarers
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
