I can attest to the anonymous FTP blunder first hand. About 4 years ago a
Win XP box became a SPAM generator for about 9 hours. I learned my lesson
though. I lock down everything now.
Speaking from experience, Linux makes it harder for average users to expose
the system because you have to learn how to make the services available (by
reading a lot material) and in the process you become aware of the dangers
whereas Windows makes it easier to stumble through making services available
without learning anything in the process.
----- Original Message -----
From: "Kevin Thorley" <[email protected]>
To: <[email protected]>
Sent: Tuesday, January 20, 2009 1:16 PM
Subject: Re: Yet another reason to stay away from Windows
On Tue, Jan 20, 2009 at 1:04 PM, chris yarger <[email protected]> wrote:
With things like this happening in windows why not keep to linux?
http://www.theregister.co.uk/2009/01/20/sheffield_conficker/
and
http://www.theregister.co.uk/2009/01/20/mod_malware_still_going_strong/
Or, why not at least hire a competent IT staff. In both of these
cases, it seems to be a problem with either IT security policy or
implementation. I have had two Linux servers compromised in the past
10 years. One was due to foolishly allowing (or failing to not allow)
anonymous ftp. That resulted in a rootkit and a fresh install of the
OS as a fix. The other compromise was due to a user whose password
was the same as their username. The onsite admin (really customer
service rep who knows how to log in to the server to do simple tasks)
had set the password from the root account. The result was that the
server then became an IRC server for connections from Romania, among
other things.
Poor IT is poor IT, regardless of the OS
