> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 03, 2001 2:00 PM > To: [EMAIL PROTECTED] > Subject: [SLUG] Vulnerabilities - linux v. windows > > > Statistics can be taken to mean whatever you like. This > doesn't seem to > take account of the severity of particular vulnerabilities but I still > thought other Sluggers may find it interesting. > > > http://www.zdnet.com.au/newstech/os/story/0,2000024997,20260847,00.htm > > regards > Steven
It also doesn't take into account a couple of other things... - Default installations. I think you'd find more of these vulnerabilities are exploitable in a default install of Windows than a default install of say RedHat or Debian. Windows has too much running by default. Though personally I'd say RedHat does too - even a Debian box has stuff I remove straight after install and it's pretty minimal. Microsoft could improve their security and image *considerably* by shipping the OS with everything off instead of everything on. - Source code availability. If you want to find a new hole in a Linux or BSD OS you can "Use the Source Luke" which can provide a wealth of information. For proprietary OS's you just have to hammer at it black box fashion until you get it to crack then try and work out exactly what happened and how to leverage it. Eeye have done some nice work in this area. That's just a coupla things I came up with off the top of my head too... there's plenty more to this argument. S. :) PLEASE NOTE: This email transmission is confidential and intended solely for the addressee. If you are not the intended addressee, you must not use, disclose or print this transmission and you should delete it from your system. -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
