« Trip | Home | Recent Comments | Categories | Slachtoffer overval jaagt dader de dood in »
Linux fights off hackers
[Quote:]
Linux systems are getting tougher for hackers to crack, security experts have reported today.
A study by not-for-profit IT security testing organisation Honeynet Project has shown that, on average, Linux systems today take three months to fall prey to hackers, up from 72 hours in equivalent tests conducted between 2001 and 2002.
The 2004 results came after a team of researchers set up 19 Linux and four Solaris ‘honeypots’ in eight countries including the UK. Honeypots are unpatched internet-connected computers designed to be targets for hackers.
“Default installations of Linux distributions are getting harder to compromise,” said the report.
“New versions are more secure by default, with fewer services automatically enabled, privileged separation in services such as OpenSSH, host-based firewalls filtering inbound connections, stack protection for common threats and other security mechanisms.”
During the tests only four Linux honeypots were compromised (three running Red Hat 7.3 and one with Red Hat 9). Two of those systems were broken by brute force password attacks rather than by operating system vulnerabilities.
By contrast unpatched Windows systems exposed in a similar way in tests last year by Symantec lasted a few hours, or in some cases minutes.
But there was bad news for Solaris users, with three out of the four honeypots running Solaris 8 or 9 hacked within three weeks. However, a fourth has been online for six months without being compromised.
|
Hello, it’s a NOT FOR PROFIT company doing the testing here, a bunch of people who don’t even care about making money. Weren’t you listening when those people were unmasked for the communists they are? Naturally they’re going to side with all the other patent-infringing, music-downloading commies out there. If they’re not making a profit, don’t you wonder what their incentives actually are? Clearly there’s some kind of power play: once they’re in charge, we’ll get a centrally managed IT world in which everyone is required to run command-line-only installations of Knoppix. We all know that the only way to manage digital rights, protect the free market, and retain the pursuit of happiness is to install Windows.
There’s a LOT of context and subtlety to this news item that isn’t reflected in the extract quoted in the post.
For example, while the article mentions increased Windows market share at the very end, it does not explicitly remark on the fact that compromised hosts were found only by automated or random attacks against raw IP addresess; thus, the percentage of Linux machines among Windows ones and even the distribution over different subnets matter. Some machines had traditionally vulnerable services enabled, and some had admittedly bad user passwords. These are sensible things to test, but hard to include in an overall roll-up of results.
In general, the averaged time-to-compromise numbers are silly given the very small sample and diversity of OSes involved. It’s even unclear whether the OSes are getting much better, or if hacking activity against certain targets may be down. Thwarted attacks are not tracked.
Talking about unpatched Windows hosts is only interesting to note that apparently you can’t manage to install SP2 fast enough to prevent getting hacked.