how can we be of help to the average ignorant windows admin? to keep them from opening such vulnerabilities unknowingly?
On Tue, Jan 20, 2009 at 9:20 PM, Gary Brown <[email protected]> wrote: > I can attest to the anonymous FTP blunder first hand. About 4 years ago a > Win XP box became a SPAM generator for about 9 hours. I learned my lesson > though. I lock down everything now. > > Speaking from experience, Linux makes it harder for average users to expose > the system because you have to learn how to make the services available (by > reading a lot material) and in the process you become aware of the dangers > whereas Windows makes it easier to stumble through making services available > without learning anything in the process. > > > ----- Original Message ----- From: "Kevin Thorley" <[email protected]> > To: <[email protected]> > Sent: Tuesday, January 20, 2009 1:16 PM > Subject: Re: Yet another reason to stay away from Windows > > > > On Tue, Jan 20, 2009 at 1:04 PM, chris yarger <[email protected]> wrote: >> >>> With things like this happening in windows why not keep to linux? >>> >>> http://www.theregister.co.uk/2009/01/20/sheffield_conficker/ >>> and >>> http://www.theregister.co.uk/2009/01/20/mod_malware_still_going_strong/ >>> >> >> Or, why not at least hire a competent IT staff. In both of these >> cases, it seems to be a problem with either IT security policy or >> implementation. I have had two Linux servers compromised in the past >> 10 years. One was due to foolishly allowing (or failing to not allow) >> anonymous ftp. That resulted in a rootkit and a fresh install of the >> OS as a fix. The other compromise was due to a user whose password >> was the same as their username. The onsite admin (really customer >> service rep who knows how to log in to the server to do simple tasks) >> had set the password from the root account. The result was that the >> server then became an IRC server for connections from Romania, among >> other things. >> >> Poor IT is poor IT, regardless of the OS >> >>
