Welcome Guest | Sign In
ECTNews.com
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider
Discussions

LinuxInsider Talkback

 
ECT News Community   »   LinuxInsider Talkback   »   Re: Attracting Attackers: Windows vs. Unix



Re: Attracting Attackers: Windows vs. Unix
Posted by: Paul Murphy 2004-08-19 14:28:03
See Full Story

Lots of people believe that the reason there are more attacks on Windows machines than on Unix machines is simply that Windows dominates desktop markets. According to their logic, 90 plus percent of the desktops should lead to 90 plus percent of the attacks. The question is whether they are right. Look just at the number of victims and they're more than right. Microsoft, according to Netcraft's surveys, only has about one third of the Web servers on the internet, but it also has about all of the servers known to have been compromised through external attack.


Re: Attracting Attackers: Windows vs. Unix
Posted by: mystere 2004-08-19 21:54:12 In reply to: Paul Murphy
Your article makes several assumptions. The first is about Netcraft's survey results. Netcraft does not say that Microsoft [...] only has about one third of the Web servers on the internet. It says that only about 1/3 of all hostnames are hosted on Microsoft based servers. There is not a one-to-one ratio of hostnames to servers. Large hosting services like ISP's tend to run hundreds or thousands of hostnames on a single server, and the have been traditionally unix based. Corporations, on the other hand, tend to have only a few hostnames assigned to a single server, and these have traditionally been Windows based.
In fact, at least one Netcraft physical server survey shows that Windows has more than 50% of the physical servers on the internet, and certainly the vast majority of clients.
The second incorrect assumption is that Windows servers account for "about all" of the known servers that are attacked. If you go to just about any kind of compromise archive, such as the one at zone-h.org, you see that Linux typically acounts for 70-90% of the compromises they track.
Your arguments are also rather simplistic, and ignore other factors, such as the average competency of a Windows administrator versus a unix one. Typically, the large demand for Windows administrators means that employers are usually forced to hire substandard staff, and often relegate some non-technical (or most computer literate) office worker to the task. Unix/Linux is almost impossible to adminster without a solid foundation of Unix fundamentals. This means that a Unix system is likely to be more secure than a Windows system from sheer competence of the administrator, although there are certainly a ton of people out there experimenting with Linux who have little experience. These machines are typically exploited quite heavily if they're not behind a firewall.

Re: Attracting Attackers: Windows vs. Unix
Posted by: captmiddy 2004-08-22 08:58:40 In reply to: mystere
Your response makes as many bad assumptions. One you assume that a majority of attacks are defacements or web server based attacks, when the reality is that a majority are viruses or trojans. You also assume that a majority of corporations are running their websites on Windows. You also assume that the average Linux administrator is better trained than the average windows adminatrator. Also the number of parked domains on Windows versus Linux has shifted back and forth frequently. Because some places will park more domains on Unix based system than Windows isn't all that telling, it just means that the Unix systems are better at hosting a large number of domains. It also is a good target because people tend not to watch them as much. Not to mention 1 attack can hit hundreds of sites all at once.
Defacements are about glory getting, and do not fall into the same realm as the information thieves. It is also true that many of these defacements aren't even defacements but file drops. A large number were text files dropped into the web space using poor settings in upload tools on the web sites. While a problem admittedly, they do not allow for the farming of information from the site. There is also the fact that it has been shown that a large number of remote exploits to Windows allow for a high level of access, why deface the computer when you can park something there that is so much more valuable?
I am certainly not saying that Linux doesn't have its security issues, nor that Windows is horrible. I am saying that if you look at one small segment of attack types, one will come out better at avoiding them then the other. You should looks at how you are going to deploy the system and how realatively secure it is in that deployment when making your decision. Also are you going to spend the time it takes to ensure that your site remains secure by keeping up with security updates and learning how to properly configure your system to be secure?
Jump to:
What is the greatest challenge to organizations implementing Artificial Intelligence?
A shortage of talent with the skills to utilize AI to its full potential.
AI can be expensive and the return on investment is questionable to decision makers.
AI is an unfamiliar and complex technology that is not yet fully trusted.
AI has its own set of cybersecurity concerns which require additional resources.
Dependability of AI technology is still in doubt.
Many view AI as an unnecessary luxury.