Linux security vs Windows with A/V software and firewall. - Linux


  1. Linux security vs Windows with A/V software and firewall.

    I feel more secure with my windows system builtin firewall and anti-virus software.
    Some people claimed linux was fine without anti-virus software. Aren't
    its default settings more susceptible to trojans and being rooted than
    my windows system?

    www.bylo.org
    bylo@bylo.org?Subject=Yo Bylo:


  2. Re: Linux security vs Windows with A/V software and firewall.

    In article <3959aa27babe73fb7ad80352cf818b99@dizum.com>, Nomen Nescio
    says...
    > I feel more secure with my windows system builtin firewall and anti-virus software.
    > Some people claimed linux was fine without anti-virus software. Aren't
    > its default settings more susceptible to trojans and being rooted than
    > my windows system?
    >

    Certainly, a popular distribution such as Ubuntu could become a target
    of the tosser brigade.


    --
    Conor

    I'm not prejudiced. I hate everyone equally.

  3. Re: Linux security vs Windows with A/V software and firewall.

    Nomen Nescio wrote:

    > I feel more secure with my windows system builtin firewall and anti-virus
    > software.
    > Some people claimed linux was fine without anti-virus software.


    Correct. Just think for a minute: what would be the point of anti-virus
    software for an OS which has no viruses?

    > Aren't its default settings more susceptible to trojans and being rooted
    > than my windows system?


    Incorrect. Just think for a minute: there are hundreds of thousands of
    different types of Windows malware in existence, and well over half of all
    Windows machines are infected with one or more of these. For Linux, on the
    other hand, there simply is no malware, and hacking a Linux box isn't a
    trivial task. I still have to come across the first rooted Linux box after
    ten years of Linux use, and five years of administering Linux boxes of 100+
    desktop users -- virtually *all* of whom have had severe Windows malware
    problems.

    Linux is designed as a secure multi-user OS with an effective privilege
    system. Windows was originally designed as a single-user OS, originally
    without any security measures or privilege separation at all; up until and
    including XP, Windows will happily execute any file the user clicks on --
    and there are lots of other execution mechanisms over which the user has
    little or no control at all, enabling malware infections through visiting
    web sites and the like.

    Experiments have shown that a Linux box with a fresh default install
    (without even a firewall) withstood attacks for many months; an XP box with
    a fresh default install (also without a firewall) was hacked within seconds
    after connecting it to the Internet. Under Linux, a firewall is just an
    extra security measure -- but it's almost equally secure without it.
    Anti-virus isn't necessary at all. Windows simply isn't usable without a
    firewall and anti-malware.
    Vista's security was supposed to be vastly improved over previous Windows
    versions -- but it seems that Microsoft still has no clue when it comes to
    designing a workable security model: UAC is such a pain that the majority
    of users switch it off, and multiple critical updates show that Vista's
    kernel isn't "completely redesigned" at all, but shares a lot of the code
    (and hence the flaws) of previous Windows versions.


    Richard Rasker
    --
    http://www.linetec.nl/

  4. Re: Linux security vs Windows with A/V software and firewall.

    Nomen Nescio wrote:

    > I feel more secure with my windows system builtin firewall and anti-virus
    > software.


    BWAHHAHAHAHAHHAHAHHAHAAAAA!!!!

    So, help me out here, what is anti-virus software?
    I run Linux and I can't recall ever needing / seeing one.


    > Some people claimed linux was fine without anti-virus software. Aren't
    > its default settings more susceptible to trojans and being rooted than
    > my windows system?



    Well all you now have to do is download the source code for Linux from
    any of the repositories, modify the code, and submit it with explanation
    of what it does so that they can recompile it and then
    distribute your virus for free.

    Any minute now, I will see a pig fly by.... oop! THERE GOES ONE!!!

    Well, if pigs can fly, surely you are able to do this?
    The world + dog awaits your announcement of success.


  5. Re: Linux security vs Windows with A/V software and firewall.

    7 wrote:
    >
    > So, help me out here, what is anti-virus software?
    > I run Linux and I can't recall ever needing / seeing one.


    Anti-virus software: An archaic form of computer security that attempts
    to repair intrusions after they have already occurred. It addresses
    the actual attack mechanism (the virus) rather than the attack vector
    (the security hole that let the virus in). It operates by examining
    binary virus 'signatures' that are only available after a virus is
    discovered in the wild, leaving an unavoidable window of vulnerability
    between first release of the virus and its discovery.

    Thad
    --
    Yeah, I drank the Open Source cool-aid... Unlike the other brand, it had
    all the ingredients on the label.

  6. Re: Linux security vs Windows with A/V software and firewall.

    On 2008-01-20 03:50:05 -0500, Nomen Nescio said:

    > I feel more secure with my windows system builtin firewall and
    > anti-virus software.
    > Some people claimed linux was fine without anti-virus software. Aren't
    > its default settings more susceptible to trojans and being rooted than
    > my windows system?
    >
    > www.bylo.org
    > bylo@bylo.org?Subject=Yo Bylo:




    No it's not. Now go sit down and stop trolling.


  7. Re: Linux security vs Windows with A/V software and firewall.

    On Jan 20, 3:50 am, Nomen Nescio wrote:
    > I feel more secure with my windows system builtin firewall and anti-virus software.


    If you have ActiveX enabled, or you accept MS-Office documents as e-
    mail attachments, then you still aren't safe. The firewall only
    limits connections by external clients. Microsoft offers a number of
    ways to send code right through the firewalls, by getting you to "pull
    it in". In addition, e-mail attachments can be loaded with agents
    that can pull in malware.

    > Some people claimed linux was fine without anti-virus software.


    Linux has antivirus software, but its primary purpose is to prevent
    viruses from disseminating to Windows clients who might access the
    Linux system as an SMB server.

    Normally, Linux requires that the user intentionally download a script
    or application, and intentionally launch the application. If the
    application turns out to be malware, a logging mechanism can help you
    identify the perpetrator.

    Linux security is similar to UNIX security, both of which were based
    on Open Source technology. The default settings are secure enough to
    thwart most hackers, and would be similar to a deadbolt lock on your
    door, with alarms on all of the windows.

    More advanced settings can make it so secure that even the NSA and
    other government agencies can use Linux or UNIX for "Top Secret"
    documents. In fact, Linux and UNIX have some settings and options
    that are actually "too secure" and can violate United States National
    Security laws.

    There are ways to open up the security to improve performance, but
    these settings are only recommended for working nodes on Beowulf
    clusters, which use highly secured gateway servers that delegate work
    to worker nodes that can ONLY be accessed by the gateway servers or
    other working nodes.

    > Aren't its default settings more susceptible to trojans and being rooted than
    > my windows system?


    Nope. Remember that most of the applications for Linux are published
    in source code form. The source code for these applications is
    stored in repositories which keep track of every contributor. The
    development hierarchy lets contributors make contributions, but only
    after they have registered as contributors, made legally binding
    commitments not to engage in piracy or malware, and to only contribute
    original work that is not taken from any other source.

    If someone attempts to contribute malware, it's very easy to detect,
    since each change can be reviewed, along with documentation on the
    reason why the change was introduced. If the malware is detected in
    the review cycle, there is a very good chance that the contributor
    could face criminal prosecution. For obvious reasons, we don't see a
    lot of this type of activity.

    Linux doesn't execute many of the scripts and binaries that are used
    to infuse malware. A common way to plant malware is to send an
    ActiveX control using ActiveScript which is handled by the Internet
    Explorer which is invoked when Outlook previews e-mail. You might see
    a pretty picture or banner ad, but you might also be getting one of
    the 250 million viruses written for Windows.

    The protocols used by Linux are all based on published standards which
    have been through industry-wide review. When there are "back doors"
    in a protocol, they are quickly identified, documented, and in many
    cases, the protocol is either revised to remove the back door, or the
    protocol itself is disabled by default.

    It is possible to make a client or server vulnerable to hackers, but
    it takes root level access, and requires changes that have to be made
    manually. If such vulnerabilities are introduced, it's very easy to
    see who introduced them, when they were introduced, and the
    perpetrator can easily be fired or prosecuted.

    Linux also has a number of auditing tools, which further improve the
    ability to control these vulnerabilities. Even a workstation that has
    been deliberately compromised (possibly out of ignorance) can be
    detected and corrected, or reported to those who can help the end-user
    correct the configuration.

    Linux also has tighter control over who can do what, through groups
    and scripts or execution control. For example, if I want a certain
    group of people to be able to mount and unmount the CD or DVD, the
    command to do this can be granted permission to the administrators,
    who can execute the command, which then performs the action as root.
    Since only root can modify the file, users can't alter the script to
    mount or unmount hard drives.

    Linux servers are comparable to UNIX servers, which are renowned for
    their security, often being used to protect mainframe systems by
    providing both user friendly interfaces as well as enterprise level
    security.

    Linux desktops are not quite as secure, but the default is to have the
    user configure a root password and a personal account. The system
    then uses the personal account, and when root privileges are needed,
    the user is required to enter the root password. This is one way that
    parents can exercise much stronger control over their children's
    computers. Furthermore, if the child attempts to change the password
    using a Live-CD (possible), the parent will discover it quite quickly.

    > www.bylo.org
    > b...@bylo.org?Subject=Yo Bylo:
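
The post above describes a helper command that a group may run, that acts as root, and that only root can modify. As an added example (not part of the thread and not any poster's code), the shell function below audits a directory for set-uid/set-gid helpers that break that property; the name `audit_helpers` and its optional trusted-uid argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit set-uid/set-gid helper programs under a directory.
# A privileged helper only enforces policy if unprivileged users cannot
# rewrite or replace it, so report every helper that is
#   - writable by group or other,
#   - owned by a uid other than the trusted one (default 0 = root), or
#   - stored in a directory that group/other can write to without the
#     sticky bit (the file could be renamed away and swapped).
# Paths containing newlines are not handled.

audit_helpers() {
    helper_dir=$1
    trusted_uid=${2:-0}   # assumption: legitimate helpers belong to uid 0

    # Step 1: enumerate regular files carrying the set-uid or set-gid bit.
    find "$helper_dir" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r path; do
        parent=$(dirname "$path")
        reason=""
        # Step 2: test each candidate; find prints the path only on a match.
        if [ -n "$(find "$path" -prune \( -perm -0020 -o -perm -0002 \))" ]; then
            reason="writable by group/other"
        elif [ -n "$(find "$path" -prune ! -user "$trusted_uid")" ]; then
            reason="not owned by uid $trusted_uid"
        elif [ -n "$(find "$parent" -prune \( -perm -0020 -o -perm -0002 \) ! -perm -1000)" ]; then
            reason="parent directory writable by group/other"
        fi
        if [ -n "$reason" ]; then
            printf '%s: %s\n' "$path" "$reason"
        fi
    done
    return 0
}

# Stand-alone use: sh audit_helpers.sh /usr/local/bin
if [ "$#" -gt 0 ]; then
    audit_helpers "$@"
fi
```

An empty result means every privileged helper found is modifiable only by its trusted owner.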



  8. Re: Linux security vs Windows with A/V software and firewall.

    thad05@tux.glaci.delete-this.com wrote:

    > 7 wrote:
    >>
    >> So, help me out here, what is anti-virus software?
    >> I run Linux and I can't recall ever needing / seeing one.

    >
    > Anti-virus software: An archaic form of computer security that attempts
    > to repair intrusions after they have already occurred. It addresses
    > the actual attack mechanism (the virus) rather than the attack vector
    > (the security hole that let the virus in). It operates by examining
    > binary virus 'signatures' that are only available after a virus is
    > discovered in the wild, leaving an unavoidable window of vulnerability
    > between first release of the virus and its discovery.
    >
    > Thad


    And here is a case where a Windoze AV is of no use at all:

    Once installed on a Windows machine the malicious code steals passwords,
    browser data as well as login names for bank accounts and online games.

    The attack is proving hard to defend against for both sites being hit and PC
    users who are caught out.
    [==]
    Mr Heron said the code injected on the websites scanned the machine of any
    visiting Windows user to see if any one of 13 separate vulnerabilities were
    present.

    It looked for vulnerabilities in browsers, instant messaging programs,
    document readers and media players, he said.
    As yet the trojan installed on a PC is not recognised by many widely used
    anti-virus programs.

    http://news.bbc.co.uk/1/hi/technology/7193993.stm

    --
    This message was sent from a
    computer which is guaranteed
    100% free of the M$ Windoze virus.
    -- PCLinuxOS 2007 --

  9. Re: Linux security vs Windows with A/V software and firewall.

    On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard wrote:
    >On Jan 20, 3:50 am, Nomen Nescio wrote:
    >> I feel more secure with my windows system builtin firewall and anti-virus software.


    >If you have ActiveX enabled, or you accept MS-Office documents as e-
    >mail attachments, then you still aren't safe. The firewall only
    >limits connections by external clients. Microsoft offers a number of
    >ways to send code right through the firewalls, by getting you to "pull
    >it in". In addition, e-mail attachments can be loaded with agents
    >that can pull in malware.


    >> Some people claimed linux was fine without anti-virus software.


    >Linux has antivirus software, but its primary purpose is to prevent
    >viruses from disseminating to Windows clients who might access the
    >Linux system as an SMB server.


    >Normally, Linux requires that the user intentionally download a script
    >or application, and intentionally launch the application. If the
    >application turns out to be malware, a logging mechanism can help you
    >identify the perpetrator.


    With linux, if the application turns out to be malware, it can't do anything
    outside the user's file. Users don't have the ability to overwrite
    system files.

    The whole windows malware epidemic is nearly entirely due to the fact
    that the default windows user is an administrator and any process can
    overwrite any part of the system at any time. Just popping in a CD
    is enough to wipe out a windows installation.

  10. Re: Linux security vs Windows with A/V software and firewall.

    On Sun, 20 Jan 2008 23:56:38 -0000, AZ Nomad wrote:

    > On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard wrote:
    >>On Jan 20, 3:50 am, Nomen Nescio wrote:
    >>> I feel more secure with my windows system builtin firewall and anti-virus software.

    >
    >>If you have ActiveX enabled, or you accept MS-Office documents as e-
    >>mail attachments, then you still aren't safe. The firewall only
    >>limits connections by external clients. Microsoft offers a number of
    >>ways to send code right through the firewalls, by getting you to "pull
    >>it in". In addition, e-mail attachments can be loaded with agents
    >>that can pull in malware.

    >
    >>> Some people claimed linux was fine without anti-virus software.

    >
    >>Linux has antivirus software, but its primary purpose is to prevent
    >>viruses from disseminating to Windows clients who might access the
    >>Linux system as an SMB server.

    >
    >>Normally, Linux requires that the user intentionally download a script
    >>or application, and intentionally launch the application. If the
    >>application turns out to be malware, a logging mechanism can help you
    >>identify the perpetrator.

    >
    > With linux, if the application turns out to be malware, it can't do anything
    > outside the user's file. Users don't have the ability to overwrite
    > system files.


    In a single user, desktop system, it doesn't matter.
    When the user's MP3 collection is gone, it's over with.

    > The whole windows malware epidemic is nearly entirely due to the fact
    > that the default windows user is an administrator and any process can
    > overwrite any part of the system at any time. Just popping in a CD
    > is enough to wipe out a windows installation.


    True, but the same can be said of Linux.
    Physical access negates ANY sort of protection.
    IOW that CD you got from a friend that requires root to run.

    Example: a rogue repository or a rogue program in a legit repository.
    Same thing, installing programs requires root access.

    Is Windows worse?
    Yes, but Linux has the same potential, pretty much.
    The difference is the black hats haven't attacked desktop Linux yet because
    the target isn't big enough.
    Notice how they have just started on the Mac. That's because the Mac is
    appearing on the radar screen now.
    The same thing will happen to Linux should it reach that level of
    popularity.

    That being said, I will agree it's going to be a hell of a lot more
    difficult with Linux.
    However, social engineering, which is how many of these exploits work, is
    just as good a tool with Linux as Windows.

  11. Re: Linux security vs Windows with A/V software and firewall.

    On Sun, 20 Jan 2008 19:13:04 -0500, Moshe Goldfarb wrote:
    >On Sun, 20 Jan 2008 23:56:38 -0000, AZ Nomad wrote:


    >> On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard wrote:
    >>>On Jan 20, 3:50 am, Nomen Nescio wrote:
    >>>> I feel more secure with my windows system builtin firewall and anti-virus software.

    >>
    >>>If you have ActiveX enabled, or you accept MS-Office documents as e-
    >>>mail attachments, then you still aren't safe. The firewall only
    >>>limits connections by external clients. Microsoft offers a number of
    >>>ways to send code right through the firewalls, by getting you to "pull
    >>>it in". In addition, e-mail attachments can be loaded with agents
    >>>that can pull in malware.

    >>
    >>>> Some people claimed linux was fine without anti-virus software.

    >>
    >>>Linux has antivirus software, but its primary purpose is to prevent
    >>>viruses from disseminating to Windows clients who might access the
    >>>Linux system as an SMB server.

    >>
    >>>Normally, Linux requires that the user intentionally download a script
    >>>or application, and intentionally launch the application. If the
    >>>application turns out to be malware, a logging mechanism can help you
    >>>identify the perpetrator.

    >>
    >> With linux, if the application turns out to be malware, it can't do anything
    >> outside the user's file. Users don't have the ability to overwrite
    >> system files.


    >In a single user, desktop system, it doesn't matter.
    >When the user's MP3 collection is gone, it's over with.

    Irrelevant.

    Just because a user has valuable files is no reason to allow the
    system to be trashed by everything and anything.


    >> The whole windows malware epidemic is nearly entirely due to the fact
    >> that the default windows user is an administrator and any process can
    >> overwrite any part of the system at any time. Just popping in a CD
    >> is enough to wipe out a windows installation.


    >True, but the same can be said of Linux.

    No it can't. Linux users do routine work as linux.

    >Physical access negates ANY sort of protection.

    Irrelevant. Just because somebody in my house can trash my system is
    no reason to let everybody on the network do the same.


    >IOW that CD you got from a friend that requires root to run.

    No. The CD is a windows autorun (read: sony rootkit, dvd with installer)
    and it trashes the system because the user is an administrator.

    >Example: a rogue repository or a rogue program in a legit repository.

    What the **** are you babbling about it?


    >Same thing, installing programs requires root access.

    Which is the default on windows plus autorun.

    >Is Windows worse?
    >Yes, but Linux has the same potential, pretty much.

    Exactly wrong. There is no way popping in a CD on a linux
    system can autorun and run as root.




  12. Re: Linux security vs Windows with A/V software and firewall.

    On Mon, 21 Jan 2008 01:57:44 -0000, AZ Nomad wrote:
    >On Sun, 20 Jan 2008 19:13:04 -0500, Moshe Goldfarb wrote:
    >>On Sun, 20 Jan 2008 23:56:38 -0000, AZ Nomad wrote:


    >>> On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard wrote:
    >>>>On Jan 20, 3:50 am, Nomen Nescio wrote:
    >>>>> I feel more secure with my windows system builtin firewall and anti-virus software.
    >>>
    >>>>If you have ActiveX enabled, or you accept MS-Office documents as e-
    >>>>mail attachments, then you still aren't safe. The firewall only
    >>>>limits connections by external clients. Microsoft offers a number of
    >>>>ways to send code right through the firewalls, by getting you to "pull
    >>>>it in". In addition, e-mail attachments can be loaded with agents
    >>>>that can pull in malware.
    >>>
    >>>>> Some people claimed linux was fine without anti-virus software.
    >>>
    >>>>Linux has antivirus software, but its primary purpose is to prevent
    >>>>viruses from disseminating to Windows clients who might access the
    >>>>Linux system as an SMB server.
    >>>
    >>>>Normally, Linux requires that the user intentionally download a script
    >>>>or application, and intentionally launch the application. If the
    >>>>application turns out to be malware, a logging mechanism can help you
    >>>>identify the perpetrator.
    >>>
    >>> With linux, if the application turns out to be malware, it can't do anything
    >>> outside the user's file. Users don't have the ability to overwrite
    >>> system files.


    >>In a single user, desktop system, it doesn't matter.
    >>When the user's MP3 collection is gone, it's over with.

    >Irrelevant.


    >Just because a user has valuable files is no reason to allow the
    >system to be trashed by everything and anything.



    >>> The whole windows malware epidemic is nearly entirely due to the fact
    >>> that the default windows user is an administrator and any process can
    >>> overwrite any part of the system at any time. Just popping in a CD
    >>> is enough to wipe out a windows installation.


    >>True, but the same can be said of Linux.

    >No it can't. Linux users do routine work as linux.

    ****ing keyboard dyslexia. It should read:
    Linux users don't do routine work as root.



    >>Physical access negates ANY sort of protection.

    >Irrelevant. Just because somebody in my house can trash my system is
    >no reason to let everybody on the network do the same.



    >>IOW that CD you got from a friend that requires root to run.

    >No. The CD is a windows autorun (read: sony rootkit, dvd with installer)
    >and it trashes the system because the user is an administrator.


    >>Example: a rogue repository or a rogue program in a legit repository.

    >What the **** are you babbling about it?



    >>Same thing, installing programs requires root access.

    >Which is the default on windows plus autorun.


    >>Is Windows worse?
    >>Yes, but Linux has the same potential, pretty much.

    >Exactly wrong. There is no way popping in a CD on a linux
    >system can autorun and run as root.


    >



  13. Re: Linux security vs Windows with A/V software and firewall.

    On Mon, 21 Jan 2008 01:57:44 -0000, AZ Nomad wrote:

    > On Sun, 20 Jan 2008 19:13:04 -0500, Moshe Goldfarb wrote:
    >>On Sun, 20 Jan 2008 23:56:38 -0000, AZ Nomad wrote:

    >
    >>> On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard wrote:
    >>>>On Jan 20, 3:50 am, Nomen Nescio wrote:
    >>>>> I feel more secure with my windows system builtin firewall and anti-virus software.
    >>>
    >>>>If you have ActiveX enabled, or you accept MS-Office documents as e-
    >>>>mail attachments, then you still aren't safe. The firewall only
    >>>>limits connections by external clients. Microsoft offers a number of
    >>>>ways to send code right through the firewalls, by getting you to "pull
    >>>>it in". In addition, e-mail attachments can be loaded with agents
    >>>>that can pull in malware.
    >>>
    >>>>> Some people claimed linux was fine without anti-virus software.
    >>>
    >>>>Linux has antivirus software, but its primary purpose is to prevent
    >>>>viruses from disseminating to Windows clients who might access the
    >>>>Linux system as an SMB server.
    >>>
    >>>>Normally, Linux requires that the user intentionally download a script
    >>>>or application, and intentionally launch the application. If the
    >>>>application turns out to be malware, a logging mechanism can help you
    >>>>identify the perpetrator.
    >>>
    >>> With linux, if the application turns out to be malware, it can't do anything
    >>> outside the user's file. Users don't have the ability to overwrite
    >>> system files.

    >
    >>In a single user, desktop system, it doesn't matter.
    >>When the user's MP3 collection is gone, it's over with.

    > Irrelevant.
    >
    > Just because a user has valuable files is no reason to allow the
    > system to be trashed by everything and anything.
    >
    >
    >>> The whole windows malware epidemic is nearly entirely due to the fact
    >>> that the default windows user is an administrator and any process can
    >>> overwrite any part of the system at any time. Just popping in a CD
    >>> is enough to wipe out a windows installation.

    >
    >>True, but the same can be said of Linux.

    > No it can't. Linux users do routine work as linux.
    >
    >>Physical access negates ANY sort of protection.

    > Irrelevant. Just because somebody in my house can trash my system is
    > no reason to let everybody on the network do the same.
    >
    >
    >>IOW that CD you got from a friend that requires root to run.

    > No. The CD is a windows autorun (read: sony rootkit, dvd with installer)
    > and it trashes the system because the user is an administrator.
    >
    >>Example: a rogue repository or a rogue program in a legit repository.

    > What the **** are you babbling about it?
    >
    >
    >>Same thing, installing programs requires root access.

    > Which is the default on windows plus autorun.
    >
    >>Is Windows worse?
    >>Yes, but Linux has the same potential, pretty much.

    > Exactly wrong. There is no way popping in a CD on a linux
    > system can autorun and run as root.
    >
    >


    Exactly why you Linux freaks are out of touch with reality.
    Your response should be required reading for any Linux advocate so he can
    learn what NOT to say.

    IOW the problem with Linux advocates is they are OS worshipers while 99
    percent of the world is interested in data and applications.

    This is one reason why Linux loses.

  14. Re: Linux security vs Windows with A/V software and firewall.

    On Jan 20, 7:13 pm, Moshe Goldfarb wrote:
    > On Sun, 20 Jan 2008 23:56:38 -0000, AZ Nomad wrote:
    > > On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard wrote:


    > > With linux, if the application turns out to be malware, it can't do anything
    > > outside the user's file. Users don't have the ability to overwrite
    > > system files.


    > In a single user, desktop system, it doesn't matter.
    > When the user's MP3 collection is gone, it's over with.


    The main advantage is that because User is restricted as to where his
    files go, it becomes much easier to back up that MP3 collection, and
    much harder to load up something that will wipe it out, without being
    detected.

    Damage control is important. Microsoft has been toying with the idea
    of damage control, and almost did it with Vista. But then they
    decided to give regular users administrative rights, and they left that
    Outlook/IE/VBScript/ActiveX back-door wide open, it meant that even
    with ring zero control, the hackers could whack almost anything.

    Meanwhile, Microsoft is calling competitor software "malware" and is
    selling access to "spyware" and is threatening to disable your
    computer if you attempt to disable either function.

    > > The whole windows malware epidemic is nearly entirely due to the fact
    > > that the default windows user is an administrator and any process can
    > > overwrite any part of the system at any time. Just popping in a CD
    > > is enough to wipe out a windows installation.


    > True, but the same can be said of Linux.
    > Physical access negates ANY sort of protection.
    > IOW that CD you got from a friend that requires root to run.


    Not quite the same thing. Remember, in Windows world, if it has a
    boot track, it can spread a virus to Windows. MS-DOS had the same
    problem. But there are so many other more effective ways of spreading
    viruses in Windows world. Look at Nimda, or sky, or bagel, or
    bugbear. These have distribution strategies which go right through
    the web interfaces, infect servers and workstations, and alter system
    libraries to the point where even attempting to remove them will
    corrupt the system to the point of being unbootable.

    Even worse, Windows will have no knowledge of how it got there, how
    long it's been there, and if the signatures have been changed, it
    might not get detected and quarantined until it has infected thousands
    of other computers.

    Nothing worse than getting a warning letter because your laptop has
    turned into a spam-bot and is sending malware to thousands of
    recipients.

    > Example: a rogue repository or a rogue program in a legit repository.


    Not really easy to muck with the repositories in Linux-world. You can
    load up an X-defaults file, and change some defaults in the X11
    Resource database, but you know when the file was added, and you know
    that either you did something that infected your own file, or someone
    else logged in using a different login, did an su to root, and put the
    corrupted Xdefaults file into your path. If someone else did it, you
    will see the su in the log, including the name of the other user. The
    TCP log will tell you what IP address he came in from. The acct log
    will show you the commands he executed as himself, the commands he
    executed as root, and the commands he executed as you.

    Turn that computer over to the FBI, and the perpetrator could spend 5
    years in federal prison for computer trespassing.

    > Same thing, installing programs requires root access.


    The difference is that with Linux, you bring up the installer, then
    you are asked for the root password, and the ONLY program that has
    root access is the software installer, and ONLY for as long as that
    application is running.

    > Is Windows worse?


    Much worse! If you are an unprivileged user in Windows, you can't do
    most of what you need to do. There are so many restrictions that the
    machine is practically dysfunctional to any but the most basic of
    users. Some companies have tried to "lock-down" their Windows boxes,
    and all it did was annoy the staff. At the same time, it didn't stop
    the spread of viruses. There were too many "back doors".

    Since you need Administrative rights to be useful, and your company
    doesn't give you separate accounts for administrator and user, and
    doesn't make it easy to perform administrator functions in a
    controlled way from a user account, you end up with back doors that
    give you easy access to any function on the PC.

    These functions can be called using OLE attachments in Word, Excel, or
    Powerpoint files, using ActiveX controls in IE, using VBScripts which
    call ActiveX controls from Outlook or IE.

    > Yes, but Linux has the same potential, pretty much.


    It is possible to make a Linux system vulnerable, to create back
    doors, and to whack those back doors very hard.

    > The difference is the black hats haven't attacked desktop
    > Linux yet because the target isn't big enough.


    The black hats have been going after UNIX for 30 years, since college
    professors used UNIX to store the students' grades. The most notable
    successful attack was the Morris Worm in 1987, which shut down
    thousands of UNIX systems all over the country, due to a bug in a
    program that wasn't even intended to be malware.

    The success of the Morris Worm led UNIX administrators and vendors to
    audit the daylights out of the security. After all, there are UNIX
    systems that control everything from trains and traffic lights and
    electrical power plants to air traffic control systems. When there is
    ANY kind of a glitch in a UNIX system, it usually makes the national
    news.

    Linux was successfully attacked by the Lion virus, and 1 server per
    1000 in service was impacted, and of those 8,000 servers successfully
    attacked, all of them were made vulnerable by incompetent
    administrators who ignored warnings in the documentation, installing
    rsh and rlogin, setting root password to root, and other bone-head
    maneuvers that were fixed. The only reason the count was so high was
    because most of the servers that were impacted were hosted by the same
    handful of ISPs. Today, better training, certification testing, and
    other quality control procedures have improved the skills of Linux
    administrators.

    Microsoft would pay handsomely for any hacker who could successfully
    crack a few million Linux desktops without getting themselves
    arrested. Cracking Linux servers is very risky, because Linux
    administrators don't mess around. If you attempt to crack a Linux
    system, there are trip wires and honeypots and accounting triggers,
    and the tools needed to provide FBI investigators with the evidence
    they need to get a conviction and, at minimum, a 5 year prison term.
    It's not even newsworthy when a would-be hacker gets arrested, because
    it's so easy to get caught.

    In most cases, there isn't even a trial. The defense attorney tells
    his client to plead out in exchange for an ankle bracelet rather than
    5 years in Leavenworth.

    > Notice how they have just started on the Mac.


    And how well is that going for them?

    > That's because the Mac is appearing on the radar screen now.


    Mac is now 14% of the market, making Apple the third largest seller of
    personal computers (though they deliberately do not call Macs PCs).

    If Apple can ramp up their production capacity, they could become
    number one in the market, outselling even HP and Dell.

    > The same thing will happen to Linux should it reach that level of
    > popularity.


    If the hacker attempts to go after a corporate Linux laptop, they
    could quickly find themselves with FBI agents (or whatever the
    national police are) knocking at the door. Typical measures used
    against Windows machines would get them arrested, and if enough
    machines were hacked, they could be facing life in prison unless they
    cooperate with authorities.

    > That being said, I will agree it's going to be a hell of a lot more
    > difficult with Linux.


    And the consequences of being caught are much more severe. Remember,
    with Windows, you actually grant permission to be hacked as part of
    your EULA. With Vista, you even agree to accept spyware and other
    malware that has been approved by Microsoft.

    With Windows, there aren't many auditing tools, and very few tools for
    tracking perpetrators. There are back-doors which Microsoft refuses
    to close and lock because they use them to monitor piracy, but they
    are also available to the hackers.

    Even Melissa, which caused an estimated $30 billion in damages and
    NIMDA which did almost double that, were only caught because Linux and
    UNIX servers triggered alerts when traffic began to back-up when
    sending content to an overloaded server that was collecting password
    and identity information.

    > However, social engineering, which is how many of these exploits work, is
    > just as good a tool with Linux as Windows.


    The problem with social engineering on Linux is that Linux provides
    much more information about the origin, the approach, and the method
    of the perpetration. You might be able to get a few users to sucker
    for the hack, but you also have the risk of attempting to crack into
    the systems that are monitored, which means that your attempt will be
    traced, and might even be triggered under a carefully monitored
    umbrella of auditing tools, which will put the perpetrator in jail
    immediately.

    Hack Windows, you get to brag about it to your friends as an anonymous
    hacker.
    Hack Linux, you go to prison facing terms from 5 years to life.

    Rex

  15. Re: Linux security vs Windows with A/V software and firewall.

    AZ Nomad writes:

    > On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard wrote:
    >>On Jan 20, 3:50 am, Nomen Nescio wrote:
    >>> I feel more secure with my windows system builtin firewall and anti-virus software.

    >
    >>If you have ActiveX enabled, or you accept MS-Office documents as
    >>e-mail attachments, then you still aren't safe. The firewall only
    >>limits connections by external clients. Microsoft offers a number of
    >>ways to send code right through the firewalls, by getting you to "pull
    >>it in". In addition, e-mail attachments can be loaded with agents
    >>that can pull in malware.

    >
    >>> Some people claimed linux was fine without anti-virus software.

    >
    >>Linux has antivirus software, but its primary purpose is to prevent
    >>viruses from disseminating to Windows clients who might access the
    >>Linux system as an SMB server.

    >
    >>Normally, Linux requires that the user intentionally download a script
    >>or application, and intentionally launch the application. If the
    >>application turns out to be malware, a logging mechanism can help you
    >>identify the perpetrator.

    >
    > With linux, if the application turns out to be malware, it can't do anything
    > outside the user's file. Users don't have the ability to overwrite
    > system files.


    It can however mush the users directories and/or install/modify things
    in stuff like the bashrc and in any bin directory the user might have
    created in conjunction with a suitable cron entry.

    You know jack.
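
The user-writable places named in the post above (shell startup files, a personal bin directory, a cron entry) can be listed from the defender's side without root. This is an added example, not part of the thread; the function names and the sample home directory are constructed for illustration, and the crontab is assumed to have been saved to a file with `crontab -l`.

```bash
# Startup files under home $1 modified within the last $2 days.
recent_startup_files() {
    local home="$1" days="$2" f
    for f in .bashrc .bash_profile .profile; do
        [ -f "$home/$f" ] || continue
        if [ -n "$(find "$home/$f" -mtime "-$days" -print)" ]; then
            printf 'startup-changed %s\n' "$f"
        fi
    done
}

# Owner-executable regular files in the user's own bin directories.
user_executables() {
    local home="$1" d p
    for d in bin .local/bin; do
        [ -d "$home/$d" ] || continue
        find "$home/$d" -maxdepth 1 -type f -perm -100 -print | sort |
            while IFS= read -r p; do printf 'user-exec %s\n' "${p#"$home"/}"; done
    done
}

# Non-comment crontab lines (saved in file $2) that run something under home $1.
cron_refs_home() {
    local home="$1" cronfile="$2"
    [ -f "$cronfile" ] || return 0
    grep -v '^[[:space:]]*#' "$cronfile" |
        grep -F -e "$home/" -e '~/' -e '$HOME/' | sed 's/^/cron-home /'
}

audit_home() {  # usage: audit_home HOME CRONFILE DAYS
    recent_startup_files "$1" "$3"
    user_executables "$1"
    cron_refs_home "$1" "$2"
}

# Constructed sample home directory (not real data); prints its path.
make_sample() {
    local h
    h=$(mktemp -d)
    mkdir "$h/bin"
    echo 'export PATH="$HOME/bin:$PATH"' > "$h/.bashrc"
    printf '#!/bin/sh\n' > "$h/bin/updater"; chmod 700 "$h/bin/updater"
    echo 'plain text' > "$h/bin/notes.txt"; chmod 600 "$h/bin/notes.txt"
    cat > "$h/crontab.txt" <<'EOF'
# m h dom mon dow command
*/5 * * * * $HOME/bin/updater
0 3 * * * /usr/bin/updatedb
EOF
    echo "$h"
}

# Demo. On a real account: crontab -l > cron.txt; audit_home "$HOME" cron.txt 7
sample=$(make_sample)
audit_home "$sample" "$sample/crontab.txt" 7
rm -rf "$sample"
```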

  16. Re: Linux security vs Windows with A/V software and firewall.

    Moshe Goldfarb wrote:

    > On Sun, 20 Jan 2008 23:56:38 -0000, AZ Nomad wrote:
    >
    >> On Sun, 20 Jan 2008 15:12:40 -0800 (PST), Rex Ballard
    >> wrote:
    >>>On Jan 20, 3:50 am, Nomen Nescio wrote:
    >>>> I feel more secure with my windows system builtin firewall and
    >>>> anti-virus software.

    [snip]
    >> With linux, if the application turns out to be malware, it can't do anything
    >> outside the user's file. Users don't have the ability to overwrite
    >> system files.

    >
    > In a single user, desktop system, it doesn't matter.
    > When the users MP3 collection is gone, it's over with.


    It's very difficult to get normal Linux users to execute a particular piece
    of malware. They're simply not used to installing separate, downloaded
    executables, period. Linux users fire up a package manager, select the
    desired packages and click Install.
    Clicking on a downloaded or linked file doesn't do anything, except perhaps
    bring up a dialog asking what Linux should do with it -- and the
    option "execute" is not among the options offered.

    >> The whole windows malware epidemic is due nearly entirely to the fact
    >> that the default windows user is an administrator and any process can
    >> overwrite any part of the system at any time. Just popping in a CD
    >> is enough to wipe out a windows installation.

    >
    > True, but the same can be said of Linux.
    > Physical access negates ANY sort of protection.
    > IOW that CD you got from a friend that requires root to run.


    There is no Linux software offered on CD. Why go through all the bother of
    creating a CD when you can simply offer the software through the package
    repo's? Linux users don't insert CD's to install software, but fire up a
    package manager, select the desired packages and click Install.

    Linux is inherently much more secure than Windows, because it traditionally
    doesn't require firing up executables from CD's or the Internet to install
    something. Most ordinary users find manually executing stuff(*) difficult
    and cumbersome -- and that's a Good Thing.

    *: Sometimes I ask users to execute an installed application from a console
    window for troubleshooting purposes. Even this simple task takes some users
    well over a minute -- simply because they're not used to it at all.

    > Example: a rogue repository or a rogue program in a legit repository.


    This requires breaking into the repository system. Which, to my knowledge,
    has happened once in all of Linux' history (in June 2004, IIRC). For all
    the rest, it's practically impossible to slip rogue code into the package
    distribution system.

    > Same thing, installing programs requires root access.
    >
    > Is Windows worse?
    > Yes, but Linux has the same potential, pretty much.
    > The difference is the black hats haven't attacked desktop Linux yet
    > because the target isn't big enough.


    Then please explain to me why all successful automated attacks (viruses,
    worms) on servers have taken place at Windows servers, not Linux servers,
    as Linux servers are just as big a target as Windows servers. See also
    http://en.wikipedia.org/wiki/Notable...uses_and_worms, from 2000
    onwards.

    > Notice how they have just started on the Mac. That's because the Mac is
    > appearing on the radar screen now.
    > The same thing will happen to Linux should it reach that level of
    > popularity.
    >
    > That being said, I will agree it's going to be a hell of a lot more
    > difficult with Linux.
    > However, social engineering, which is how many of these exploits work, is
    > just as good a tool with Linux as Windows.


    I disagree. It all has to do with usage patterns and user expectations.
    Summarized, Windows users expect to
    - Install stuff by starting executables from untrusted sources (CD's, the
    Internet),
    - Routinely run as admin,
    - Click==execute

    Linux users do none of the above. They install stuff from their package
    manager, don't run as root, and are alarmed when a root password dialog
    pops up (half of my users barely remember their root password, because
    they hardly ever use it). And clicking an executable without the x bit set
    doesn't do anything.

    I once created a script for a user who wanted to use Rosegarden (a MIDI
    creation/editing app) with her SBLive sound card synth -- which involved
    the installations of awesfx, loading the synth and sequencer kernel
    modules, downloading and loading sound fonts, and configuring the system to
    automatically load the necessary stuff upon the next reboot.
    With this script, I supplied step-by-step instructions on how to save it to
    her home directory, open a terminal, make the script executable, switch to
    root, and execute it.
    Even with my detailed instructions, it took her at least five minutes to get
    it right. This wasn't because she was stupid or computer-illiterate, but
    because she was totally not used to this modus operandi. Yes, in Windows it
    would have been much, much easier: just click the file attached to the
    e-mail message.

    So a would-be malware distributor would not only have to think up something
    attractive enough to make people actively download it (instead of looking
    for it in their package manager), but also make them jump through all these
    hoops. I can predict that only very, very few Linux users will persevere
    and succeed in getting the malware to actually run.

    And all this doesn't even take into account the fact that Windows has vastly
    more execution mechanisms (read: security holes) and bugs than Linux.

    So in my opinion, Linux' security is vastly better than anything Windows can
    hope to achieve, both because of its superior design, and its normal usage
    pattern -- the latter of which hardly ever involves manually executing
    anything, let alone anything from untrusted sources.

    Richard Rasker
    --
    http://www.linetec.nl/

  17. Re: Linux security vs Windows with A/V software and firewall.

    Moshe Goldfarb wrote:

    > This is one reason why Linux loses.


    Ok, Linux has lost. Now go away.

    --
    Regards,

    Gregory.
    Gentoo Linux - Penguin Power

  18. Re: Linux security vs Windows with A/V software and firewall.

    Richard Rasker wrote:

    > Moshe Goldfarb wrote:




    >> Is Windows worse?
    >> Yes, but Linux has the same potential, pretty much.
    >> The difference is the black hats haven't attacked desktop Linux yet
    >> because the target isn't big enough.


    > Then please explain to me why all successful automated attacks (viruses,
    > worms) on servers have taken place at Windows servers, not Linux servers,
    > as Linux servers are just as big a target as Windows servers. See also
    > http://en.wikipedia.org/wiki/Notable...uses_and_worms, from 2000
    > onwards.


    The wintrolls trotting out the same old "if linux was as popular as
    windoze..", "linux isn't a big target.." crap, in spite of it being
    explained to them dozens of times.

    --
    This message was sent from a
    computer which is guaranteed
    100% free of the M$ Windoze virus.
    -- PCLinuxOS 2007 --

  19. Re: Linux security vs Windows with A/V software and firewall.

    Richard Rasker wrote:



    > So in my opinion, Linux' security is vastly better than anything Windows can
    > hope to achieve, both because of its superior design, and its normal usage
    > pattern -- the latter of which hardly ever involves manually executing
    > anything, let alone anything from untrusted sources.
    >



    Gee, you know security is based upon who is sitting behind the wheel and
    is doing the driving. That also includes does one know how to implement
    security measures on an O/S and knowing how to practice safe hex.

  20. Re: Linux security vs Windows with A/V software and firewall.

    On 2008-01-21, William Poaster claimed:

    > The wintrolls trotting out the same old "if linux was as popular as
    > windoze..", "linux isn't a big target.." crap, in spite of it being
    > explained to them dozens of times.


    They need pictures. And glasses.

    --
    I tried computer dating once. I decided I preferred women. I have to
    say though, it wasn't bad up until the sex part. That was somewhat
    awkward.
