Ian C. Sison wrote:

 > On Wed, 15 Aug 2001, Cito Maramba wrote:
 >> It pisses me off that the highly publicized solution to Code Red
 >> is to "install a patch" on IIS. The REAL Solution is not to use
 >> IIS in the first place. Use Apache, or better yet, Linux AND
 >> Apache.
 >>
 >
 > To be fair, Linux is not immune to this kind of hacking, as some
 > time ago, another worm ravaged through unpatched stock Redhat 6.2
 > systems running vulnerable versions of wu-ftpd and lpd.  Subsequent
 >  systems become candidates for DDoS, depending on the severity of
 > the compromise.


Yes, the RAMEN worm. And the Lion worm as well. Someone also released a
worm whose supposed function was to clean out the Ramen (or was it Lion)
worm. The thing is, IIS is a Commercial Product. If any other kind of
commercial product had similar defects, you'd have the company making
the product have lawsuits up the wazoo.


 > And redhat does indeed install and bring up lpd and wuftp by default
 >  as well.

Which is why some refer to Red Hat as the "Micro$oft" of Linux distros
<wry grin>


 > This just proves to show how much proper and pro-active
 > administration really determines how secure a network is.


The mantra: "Security is a process, not a product".

I think Linux distros should be secure Out of the Box. They can't claim
the old excuse of patents.. RSA's US patent expired last year.
Hopefully, a higher security level on OOB installs of linux distros will
prevent more newbies from being r0073d or O|/\|n3d.


 > The major problem with NT/IIS is the frequency of the occurrences of
 > security breaches which means NT admins have to be on their toes more
 > often than Linux admins, and usually, the patches given out by M$ do
 > not solve the problem or even make it worse. Remember that fiasco
 > with the Exchange "hotfix patch".  Sheesh...  If one were paying
 > for microsoft software, at the very least the product should be AS
 > SECURE or even more secure than its open source counterparts!


Dobol Jeopardy! What makes Micro$oft software exempt from Product
Liability laws?

" E's not dead, e's pining!"

"He's not pining, he's passed on!  This parrot won't squawk!  He's
ceased to be!  He's expired, and gone to meet his maker!  It's a
stiff!  No breath of life, he may rest in peace!  If you hadn't nailed
him to the perch, he'd be pushing up the daisies!  He's off the twig!
He's kicked the bucket!  He's curled up his tooties!  He's shuffled off
this mortal world!  He's run down the curtain, and joined the bleed'n
Choir Invincible!  HE'S F*CKING SNUFFED IT!  Vis-a-vi his metabolic
processes is head is lost.  All statements concerning this parrot is no
longer a going concern, after from now on, Inoperative...

                 THIS IS AN EX-PARROT!!"

Wish I could say the same for Code Red. Stupid default.ida requests 
still coming in...


-- 
Inocencio Daniel Cortes Maramba, MD          |http://upcm.net/%7eidcm/
Assistant Professor, Medical Informatics Unit|"Insert witty saying here"
College of Medicine                          |[EMAIL PROTECTED]
University of the Philippines Manila         |"Dude, that kicks ass!"

Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph