|
Hi Eric,
Defacement of Web sites is probably more a matter
of Web server software, but there are still architectural and account issues at
hand. Good point though. I've only done a little bit of work in this area, so
I'm really interested in the group's responses.
Take care,
-Gary
----- Original Message -----
Sent: Friday, June 27, 2003 4:55 PM
Subject: RE: [RLUG] The Slammer Worm
Effect: Why Linux OS is More Attackable than Win dows OS
Hi
Gary,
The article
focuses specifically on web site defacements as
a measurement of OS vulnerability. How users login, whether using root accounts
or more restrictive ones, does not
matter much in this case, does
it?
--Eric
Hi Eric,
I'm not sure I see how this can be as big a
deal to a Linux installation or user.
Most Windows users, especially in the home, use
Admin accounts. That's great and unrestricted, but very dangerous, since
there is no restriction for a virus or worm to unleash
full havoc.
Linux users, OTOH, use restricted accounts (or
at least they should be). Most of us don't log in as root, except for major
maintenance or updates, and that means the OS itself is far less easily
compromised. Sure, a well designed worm can still make life miserable for a
while, but the odds of a total mess are greatly reduced. Also, most of us
who have been around computers for a while know not to use stupid-simple
passwords for accounts, especially not for root.
I guess I don't see how this kind of thing
is a greater threat to Linux, which tends to be a more secure
architecture in the first place -- if not because of its design,
then because of its more knowledgeable user base.
Comments?
-Gary
---
Outgoing mail is certified Virus
Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version:
6.0.493 / Virus Database: 292 - Release Date:
6/25/2003
|
