I searched and found mostly "XP is as secure as Linux" comments, even from Linux users.
I need to make an argument to a person about how Linux is more secure than Windows in particular.
Two people, one not so good with computers and one who is a good Windows user (he runs as non-admin and is unaffected by viruses).
Any good links or statistics please? I've heard somewhere MS took a long time to fix a hole, does anyone remember a link?
PS: I have a feeling this thread will be locked for flamewars or something, please don't. Just need some statistics and arguments.
Icarus
05-03-2004, 02:29 PM
Advice to argue "Linux is more secure"...
Don't, it's pointless and silly
Any system is as secure as the person using it. Windows can be secure and virus free...just don't execute any virus and close the ports not needed/used.
Same goes for Linux, be safe and you will be safe.
The key is knowing what you're doing. People who say Linux is more secure are those that know Linux/Unix very well and know how to secure the system. You can have bad Linux/Unix admins as you can have bad Windows admins. It's not a one way street.
I say, find a new argument for him, as the security one is overdone and pointless.
bradfordgd
05-03-2004, 03:44 PM
But have you ever heard of a Virus running rampant in a Linux environment? I haven't. Sure there are still security holes like if you're using telnet, or leaving ports open, that applies everywhere. Ask a Windows system admin what the last big thing was that crippled their company and I bet they'll say it was something like the blaster virus or sasser one that's going around today.
Hayl
05-03-2004, 03:54 PM
Originally posted by bradfordgd
But have you ever heard of a Virus running rampant in a Linux environment? I haven't. Sure there are still security holes like if you're using telnet, or leaving ports open, that applies everywhere. Ask a Windows system admin what the last big thing was that crippled their company and I bet they'll say it was something like the blaster virus or sasser one that's going around today.
likely true but that still comes down to the fault of the IT department/sys admins, for not taking proper steps to avoid these things. i have admined _large_ Windows networks, and email systems in the past and avoided all the worm/virus crap 100%.
Icarus
05-03-2004, 04:02 PM
But these rampant viruses running wild are because of bad administration. The net admin at my work had all this locked down a week before it became a problem so we have not been affected at all by any of these. And that is due to good administration. The system is as secure as you make it.
I've seen poor Linux administration aid in propagating viruses. When someone thinks it's a good idea to make a MIME to have .exe files run through wine...they have the same effect in the users group. Ever seen evolution send out 100s of emails because the user did this? It happens.
Ever seen a system rooted because of an exploit in a remote shell? Most times people never notice this because they get false security from using Linux.
Lock your doors and close your windows, because as long as you are connected to the internet in general, you're a possible target ;)
stiles
05-03-2004, 05:07 PM
Originally posted by bradfordgd
But have you ever heard of a Virus running rampant in a Linux environment? I haven't.
Maybe you haven't been around UNIX administration very long?
Adore worm
Lion worm
Ramen worm
Apache/SSL worms
Linux.Slapper.Worm
x.c Worm
LPD Worms
I'm actually surprised that I haven't heard of recent OpenSSH and Sendmail worms. I do know of several boxes that were rooted 'cause of OpenSSH overflows (not mine though).
bradfordgd
05-03-2004, 05:52 PM
I think a lot of it also comes down to the users. Users have been told again and again, don't open this or that, but someone always falls for the "Something you ought to know.exe" email attachment and launches a corporate-wide worm. Not saying there aren't Linux viruses, just I've never heard of one. I don't do admin, but I work in Unix environments and now Linux is becoming a part of that. I have heard of the recent sendmail and openssh vulnerabilities though. Just my 2 cents, viruses seem to be more of a threat on Windows than on *nix.
X_console
05-03-2004, 06:39 PM
Viruses aren't that big of a deal anymore I think. Worms are, and they attack any operating system. Besides, most of the regular people don't know the difference between a virus and a worm and use them interchangeably anyway. So in their view, Linux is vulnerable to a virus.
carrja99
05-03-2004, 07:56 PM
<troll mode="rob enderle">
Linux? Secure? Hogwash I say, hogwash! How can they claim it is secure when millions of people over the world can freely view the source, and MILLIONS upon MILLIONS of contributions are made daily without review from Iraq, Syria, China, and Russia!? No wonder it's the number one attacked OS (for a complete report including statistics about how often it is attacked, please visit my website and purchase a report for only $699).
The worst thing about Linux is that those in the Linux camp are zealot Linux terrorists, whose hippie, commie, anti-American ethics will surely destroy any business that dares to adopt it. Just look around in the corporate world and see who's adopting it. Most are running away scared from it and wouldn't dare touch it (for a report on how many companies use Linux, please visit my website, where you can purchase the report for ONLY $1499).
With a crowd like this, no wonder you have all these viruses and worms running rampant in the linux kernel. Of course, as they say, a server is only as secure as the person administrating it. The only surefire way to lock down your webserver is to turn off port 80.
And, with longhorn and trusted computing on the horizon, windows is obviously going to be a safe haven for normal people who just want to read their email without fear of a new worm written by linux activists trying to attack SCO.
Disclaimer: Microsoft is a client of Mr.Enderle's, and his views and opinions may reflect that fact.
</troll>
JohnT
05-03-2004, 08:08 PM
A link to some unbiased articles......ya gotta search a little, but they're recent.
http://eweek.com/
X_console
05-03-2004, 08:09 PM
Originally posted by carrja99
<troll mode="rob enderle">
Linux? Secure? Hogwash I say, hogwash! How can they claim it is secure when millions of people over the world can freely view the source, and MILLIONS upon MILLIONS of contributions are made daily without review from Iraq, Syria, China, and Russia!? No wonder it's the number one attacked OS (for a complete report including statistics about how often it is attacked, please visit my website and purchase a report for only $699).
The worst thing about Linux is that those in the Linux camp are zealot Linux terrorists, whose hippie, commie, anti-American ethics will surely destroy any business that dares to adopt it. Just look around in the corporate world and see who's adopting it. Most are running away scared from it and wouldn't dare touch it (for a report on how many companies use Linux, please visit my website, where you can purchase the report for ONLY $1499).
With a crowd like this, no wonder you have all these viruses and worms running rampant in the linux kernel. Of course, as they say, a server is only as secure as the person administrating it. The only surefire way to lock down your webserver is to turn off port 80.
And, with longhorn and trusted computing on the horizon, windows is obviously going to be a safe haven for normal people who just want to read their email without fear of a new worm written by linux activists trying to attack SCO.
Disclaimer: Microsoft is a client of Mr.Enderle's, and his views and opinions may reflect that fact.
</troll>
It's so true.
hlrguy
05-03-2004, 09:57 PM
Originally posted by carrja99
<troll mode="rob enderle">
And, with longhorn and trusted computing on the horizon, windows is obviously going to be a safe haven for normal people
Please release Longhorn soon...I need to be normal. I can't stand that X locks up on me at LEAST once a year, and then I have to go through a nasty nasty CTRL-ALT-Backspace and relogin.
Just last year, Mozilla stopped responding and I had to perform xkill! K3B has not yet created a coaster out of about 40 data/iso CDs and about 60 music CDs, but listen, I know it is coming, and I can't afford to have even 1 $0.11 CD wasted. I KNOW that can't happen with Windows. Mandrake didn't autodetect my printer, I had to ADD IT MANUALLY! I also need the peace of mind of rebooting 1-3 times when I install anything. How can it actually work without rebooting? I tell ya, I get real nervous when version +1 of program X works without a reboot that I go ahead and reboot, just to be safe and for the peace of mind.
Even once, I remember a print job got stuck in the queue, and I had to turn the printer on and off to fix it. I can't take these problems anymore, I need rock solid reliability. I haven't even purchased a firewall program, it came with the OS, it must be crap compared to the one that comes standard with XP, with its built-in port bypasses to ease my life.
I need spyware to track my movements and try to sell me stuff, because, come on, we all need computerized smoothy machines and who am I to look up information online and NOT let others know what I am doing at all times.
I need reliability and stability and certainly someone telling me I am not allowed to listen to my oggs anymore because 1) I really should only use the reliable and stable Media Player 2) Listening to an open format makes me a socialist rebel. 3) Email = ecommerce and letting someone hijack Outlook is simply BUILDING the economy people.
I could go on, but I have to get to Best Buy before it closes to fork over $300 on XP. See ya Suse, Mandrake, Redhat, you tried, but you just don't measure up.
hlrguy
How To Recognize Sarcasm (http://www.techcomedy.com/users/submitted_content.php?nick=Turk)
SunOfTux
05-03-2004, 11:01 PM
I just have to say this...
A large number of computers running Windows XP in my company's network were infected with the sasser virus TODAY. A lot of time and money...
People in the same room as me were affected.
I didn't seem to have any problems with my computer. Of course, I am running slackware-current.
LOL!
SunOfTux
SunOfTux
05-03-2004, 11:12 PM
hlrguy,
Thanks for the link on how to recognize sarcasm. I have been looking for a definitive guide on the subject.
You might be aware of my previous lapse in recognizing such humor several months ago. LOL!
SunOfTux
Parcival
05-04-2004, 02:45 AM
Huh, did I just miss the recruitment officer for the war against Tux? I wanna sign up, too! I contribute my MS Sidewinder gamepad to the fight. It's fast, reliable and already helped me kill hundreds of Orcs gangsters, shoot the most wonderful goals in NHL history, and finally end the alien invasion that was going to make our day. :D
i have admined _large_ Windows networks, and email systems in the past and avoided all the worm/virus crap 100%.
Congrats on the good job, Hayl! One thing I realized when reading through this thread: a network is only as good as its admin - and an admin is only as good as the information he/she gets. My question: how does an admin keep track of all those dangers out there? Is there some central news source out there covering the topic? Or do network admins constantly have an eye on MS and Symantec websites etc? (Or do you read about viruses in the latest email-forward? :D )
j79zlr
05-04-2004, 03:08 AM
The first line of defense is keeping your system updated. Most of these exploits are patched before they are widely exploited. This goes for both M$ and Linux/unix, though it seems as if there are more holes with Windows and their discovery to patch time is exponentially worse.
JohnT
05-04-2004, 05:14 AM
MS+Worms=job security:D
rocketpcguy
05-04-2004, 06:28 AM
though it seems as if there are more holes with Windows
i don't think so. http://www.theinquirer.net/?article=13420
anyway, i suppose windows is just as secure as linux, you just need a firewall (no slammer with that), patches and good admin.
hard candy
05-04-2004, 07:03 AM
"The blessing is that the learning curve for using and dealing with Linux has been greatly reduced. But the Linux community has too often glossed over security issues, possibly because many have assumed that Linux must be about as secure as Unix, the latter of which has improved considerably in security potential over the last decade. Unsecured Linux systems now represent what must surely be one of the greatest potential sources of loss and disruption in the entire cyberworld."
A little too sensational of a quote perhaps, but if someone (and they probably have by now) were to target Linux boxes on a scale that Windows is targeted, think about the people who install Linux that probably have servers running and do not even realize it. It's just something that flashes by on the bootup screen.
XiaoKJ
05-04-2004, 07:34 AM
Fewer people would target Linux due to fewer people using ..., but I don't care about that even if Linux becomes more well-liked :D
Also most Linux virii, AFAIK, need root power to run, which during installations most distros will require you to know, and set.
Windows has its administrator accounts but most people do not set a password to them.
Also, normal Linux users do not have special powers to tamper with the system files, while in Windows they have, resulting in many accidents.
BTW, virii in Linux hardly spread fast and at the extent of Windows ones, even in Linux based centres.
This is more or less to talk about.
bradfordgd
05-04-2004, 08:26 AM
Excellent post carrja99. As blatant a troll as it was, it sure fired up this thread. :-)
hard candy
05-04-2004, 09:10 AM
Simple Active Attack Against TCP (http://www.insecure.org/stf/iphijack.txt)
was originally put out in 2000. Basically, you should assume anything is insecure.
1. I use a bank card instead of a regular credit card for online purchases. The withdrawals/charges are limited to the account balance instead of a line of credit.
2. Always say no when places like Newegg ask if they can store your financial info.
3. Consider encryption for personal info like telephone numbers, SS #'s, work info.
Icarus
05-04-2004, 09:18 AM
Originally posted by XiaoKJ
Also most Linux virii, AFAIK, need root power to run, which during installations most distros will require you to know, and set.
Windows has its administrator accounts but most people do not set a password to them.
Then there are things like http://www.linuxsecurity.com/advisories/gentoo_advisory-2920.html that someone could automate in a script and mass distribute. This is a poor example, but gives the idea that it is possible.
Of course this goes back to the "if you're running an unpatched system" argument, but most people don't see articles like this one or get the notices or look for patches.
What keeps viruses (sorry, virii (and boxen) are not words ;)) or worms from being mass spread between Linux systems is that the distros are so different in structure. Many people complain about this 'feature' but it is really a very strong point with Linux. All Windows machines by default are set up the same but many Linux distros have critical system files in different locations by default.
IsaacKuo
05-04-2004, 10:21 AM
Even without applying ANY patches, just how vulnerable is Joe Average if his Windows and Linux computers are behind a typical off-the-shelf router? Let's assume that he's familiar with the do-not-click-on-e-mail-attachments mantra, and just says "no" whenever the computer asks if he wants to install/accept anything.
In order for an attack to occur, there needs to at least be some incoming packets hitting a victim computer. Without any manual settings, a router has no clue which computer to forward some packet coming from just anywhere--so the packet just gets discarded. Right?
The only incoming packets that can actually get anywhere are return messages from http/ftp/etc requests. How much of a threat is this?
So, if all the Joe Averages on the internet were behind default install routers, and learned how to not click on e-mail attachments, how would this affect worm attacks?
XiaoKJ
05-04-2004, 10:37 AM
IsaacKuo, you are talking about how viruses propagate!
virii propagate passively -- they need human contact at the client end to get infected.
worms are active in their reproductive systems. They can get into any vulnerable computer if both ends are connected.
And it is not a big matter whether they are behind routers -- they just attack the default ports and if any normal computer has that port open, they will fall prey.
shakin
05-04-2004, 10:55 AM
First of all, that Inquirer article includes thousands of software packages as "Linux vulnerabilities" when it counts the advisories released by the distribution authors.
Now to get on with the show: Microsoft has blown the goat with Sasser. They released a buggy patch that many sysadmins are afraid to deploy. Bugtraq is full of posts about problems this patch has caused.
Perhaps more importantly, it took Microsoft over 5 months to get this patch out after being informed about the vulnerability by eEye. According to eEye's research page, Microsoft has another vulnerability that's 150 days overdue (150 days since the 60 day acceptable timeframe after notification). A few weeks ago when I checked with eEye Microsoft had several vulnerabilities over 100 days overdue and many more in the 80 - 90 range. Those must be what was fixed in the most recent round of patches that included the broken Sasser patch.
From my standpoint, I can't trust Microsoft to release patches of high quality or on time. My experience with Linux since 1996 has taught me that I can trust the various software developers to patch things quickly.
IsaacKuo
05-04-2004, 11:47 AM
Originally posted by XiaoKJ
IsaacKuo, you are talking about how viruses propagate!
virii propagate passively -- they need human contact at the client end to get infected.
worms are active in their reproductive systems. They can get into any vulnerable computer if both ends are connected.
And it is not a big matter whether they are behind routers -- they just attack the default ports and if any normal computer has that port open, they will fall prey.
Actually, I was talking about BOTH sorts of threats.
Now, forgive me if I've got this wrong, but how is a packet going to get to a computer behind a router if that router doesn't know which computer to send the packet to? A packet needs to go to a particular IP address, but if the router doesn't know where to forward it to the packet just goes nowhere. Remember, Joe Average does NOT have a DMZ set up forwarding all ports to a particular computer.
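The router behaviour argued over in the posts above, as an added example that is not part of any post in this thread: a toy Python model of a port-translating home router deciding what to do with inbound packets. The `Nat` class, all addresses and port numbers are constructed, and the strict match on the remote address and port is an assumption; real routers differ in how strictly they filter.

```python
"""Toy model of a home router doing port-based NAT. Constructed example."""
from dataclasses import dataclass, field


@dataclass
class Nat:
    next_port: int = 40000
    # WAN port -> (lan_ip, lan_port, remote_ip, remote_port), created by outbound traffic
    table: dict = field(default_factory=dict)
    # WAN port -> (lan_ip, lan_port), created only by manual configuration
    forwards: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a connection; the router allocates a WAN port for it."""
        wan_port = self.next_port
        self.next_port += 1
        self.table[wan_port] = (lan_ip, lan_port, remote_ip, remote_port)
        return wan_port

    def inbound(self, src_ip, src_port, wan_port):
        """Return the (lan_ip, lan_port) a packet is delivered to, or None if dropped."""
        entry = self.table.get(wan_port)
        # Assumption: replies must come from the exact remote the LAN host contacted.
        if entry and entry[2:] == (src_ip, src_port):
            return entry[:2]
        # A manual port forward (or DMZ host) accepts traffic from anyone.
        if wan_port in self.forwards:
            return self.forwards[wan_port]
        # No mapping: the router has no LAN host to hand the packet to.
        return None


def demo():
    nat = Nat()
    web = ("198.51.100.7", 80)        # constructed: a web server the user browses
    scanner = ("192.0.2.66", 31337)   # constructed: an unrelated internet host
    pc = ("192.168.1.20", 51000)      # constructed: Joe Average's PC

    wan_port = nat.outbound(*pc, *web)
    results = {
        "reply_from_web_server": nat.inbound(*web, wan_port),
        "unsolicited_to_445": nat.inbound(*scanner, 445),
        "scanner_hits_mapped_port": nat.inbound(*scanner, wan_port),
    }
    # The owner forwards TCP 445 (Windows file sharing) to the PC by hand.
    nat.forwards[445] = ("192.168.1.20", 445)
    results["unsolicited_to_445_after_forward"] = nat.inbound(*scanner, 445)
    return results


if __name__ == "__main__":
    for name, delivered_to in demo().items():
        print(f"{name}: {delivered_to or 'dropped'}")
```

The model covers only unsolicited inbound packets; it says nothing about a machine inside the LAN that is already infected, or about content the user fetches over a connection the PC opened itself.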
carrja99
05-04-2004, 12:21 PM
Originally posted by rocketpcguy
http://www.theinquirer.net/?article=13420
Although slashdot may consider theinquirer.net to be a reliable source of information, come on... those people are sensationalist journalists by trade and 80% of the time their articles are just hot air.
XiaoKJ
05-05-2004, 06:28 AM
Originally posted by IsaacKuo
Actually, I was talking about BOTH sorts of threats.
Now, forgive me if I've got this wrong, but how is a packet going to get to a computer behind a router if that router doesn't know which computer to send the packet to? A packet needs to go to a particular IP address, but if the router doesn't know where to forward it to the packet just goes nowhere. Remember, Joe Average does NOT have a DMZ set up forwarding all ports to a particular computer.
What you said is quite true, but many people will not use routers as they are quite expensive compared to a modem for one computer.
And there exists a very common and practical form of NAT routing that uses only one IP address to connect to the internet -- it routes by using ports not used by the system. Thus, the normal ports attacked by the worm could be attacked as it will pass through it without any thought. Then the worm would be able to spread to other systems in the domain.
Lastly, I suppose worms can automatically connect to systems by routing from normal ports -- for example worms can propagate over proxy servers that use the 8080 port.
Ops
05-05-2004, 07:11 AM
Sure a network is only as secure as its administrators from WELL KNOWN attacks, but how many exploits are there on the internet for Windows that are still unpatched? Even companies like eEye security have reported to Microsoft vulnerabilities that have still yet to be patched after over a year of its release.........The Samba team? Remember when one of them posted on Slashdot?
The main difference between Linux and Windows Security?
When an exploit is released or any vulnerability is released in the Linux world, it is patched very quickly.
With Microsoft? Wait at LEAST 3 months.......If not longer.
rocketpcguy
05-06-2004, 12:03 PM
With Microsoft? Wait at LEAST 3 months.......If not longer.
yes, that's what i need! any links? i was sure i've read a news report about this.
danscript
05-06-2004, 02:31 PM
Doesn't it really come down to this: that the most popular operating system is going to be targeted and scrutinized by all the virus creators. If Linux were the most popular, it would be targeted by just as many viruses/worms. As noted prior to this post, good administrators count for something also.
Linux has an edge over OTHER OS’s because of the open source nature and the fact that issues are addressed almost immediately by a world wide audience. Even if Linux was found to have more security holes over the course of a few years than Windows, it would be more secure over time because of the development effort put behind Linux by a world wide community.
The community is what makes the fort strong. OS companies will always prioritize how they address issues and the creation of features with money in mind. The community creates and fixes what is needed to be done.
Long live the world wide community...
bwkaz
05-06-2004, 07:27 PM
Originally posted by danscript
Doesn't it really come down to this: that the most popular operating system is going to be targeted and scrutinized by all the virus creators. If Linux were the most popular, it would be targeted by just as many viruses/worms.
Well, I don't know how many times I've posted this recently, but here's one more. Basically, no, that's not correct: