On Mon, 17 Sep 2001, Dustin Puryear spewed into the ether:
> I have yet to see any studies that prove that Linux is any more secure
> that Windows NT. In fact, most Linux distributions take the dangerous
> tactic of running most services out of the box. Excluding IIS (hell,
> what can you do?) a default install of NT is arguably more secure than a
> default install of popular Linux distributions.
Out of the box install, the only secure OS would be OpenBSD (unless
they had an unpatched sendmail there and it was running in the default
install).
> Don't get me wrong, I run *a lot* more Linux servers than NT servers
> over here, but I think it's misleading when someone states simply that
> Linux "is more secure" or "has better security." What does that mean?
True, that statement is just plain wrong. Any Os is only as secure as
its admin. Now, generally, *nix administrators are a more competent
bunch as compared to MS ones, and they know a lot more (Generic
observation, no flames please. This isn't a personal comment, and if
you are a good admin who can lock down a NT server, the world needs
more of you). Due to this higher degree of knowledge, they can secure
machines far more easily than NT. Plus, the design of NT isn't towards
security, its more towards ease of administration in a trusted network.
NT feels to me like it has the multiuser capabilities grafted onto it
rather than designed in. Lax default permissions also make it pretty
much a nightmare in an untrusted network.
On the other hand, most *nix systems give the administrator far more
control over what the system does. They don't try to do the right thing
irrespective of what the admin says. So that line shoule be read as
*nix machines are more easily securable than NT machines.
Devdas Bhagat
--
Each honest calling, each walk of life, has its own elite, its own aristocracy
based on excellence of performance. -- James Bryant Conant
