For Linux fan Boys (AKA M$ antigeeks)

Discussion in 'NZ Computing' started by Collector»NZ, Jan 18, 2005.

  1. Linux fights off hackers - vnunet.com

    Open source no easy pickings
    Iain Thomson, vnunet.com 17 Jan 2005
    ADVERTISEMENT

    Linux systems are getting tougher for hackers to crack, security experts
    have reported today.

    A study by not-for-profit IT security testing organisation Honeynet
    Project has shown that, on average, Linux systems today take three
    months to fall prey to hackers, up from 72 hours in equivalent tests
    conducted between 2001 and 2002."
    http://www.vnunet.com/news/1160588
    --
    >>Follow ups may be set to a single group when appropriate!

    ======================================================================
    | Local 40.9000°S, 174.9830°E |
    ======================================================================
    "I used to jog, but the ice kept bouncing out of my glass."
    Fools ignore complexity. Pragmatists suffer it. Some can avoid it.
    Geniuses remove it
     
    Collector»NZ, Jan 18, 2005
    #1
    1. Advertising

  2. Collector»NZ

    Guest

    On Tue, 18 Jan 2005 20:03:31 +1300, Collector»NZ wrote:

    > Linux systems are getting tougher for hackers to crack, security experts
    > have reported today.


    Yes - noticed that late this afternoon. :eek:)

    Thanks anyway for posting the link to the NG.


    Divine

    --
    "Outlook is the security equivalent of wearing condoms with the ends cut
    off - for greater comfort and ease of use."
     
    , Jan 18, 2005
    #2
    1. Advertising

  3. Collector»NZ

    Peter Guest

    Collector»NZ wrote:
    > Linux fights off hackers - vnunet.com
    > Linux systems are getting tougher for hackers to crack, security experts
    > have reported today.
    > http://www.vnunet.com/news/1160588


    It says 3 of the test machines were running Redhat 7.3 as unpatched default
    install - hardly representative of any modern distro.


    Peter
     
    Peter, Jan 18, 2005
    #3
  4. Peter wrote:
    > It says 3 of the test machines were running Redhat 7.3 as unpatched default
    > install - hardly representative of any modern distro.


    you're right, it's not, but it is representative of the average home
    windows user, unpatched and oblivious to the idea of patching...

    --
    Dave.net.nz
    reply addy is e
    nice! http://www.dave.net.nz/images/link.jpg
     
    Dave - Dave.net.nz, Jan 18, 2005
    #4
  5. Collector»NZ

    froggy Guest

    On Tue, 18 Jan 2005 22:20:34 +1300, Peter wrote:

    > Collector»NZ wrote:
    >> Linux fights off hackers - vnunet.com
    >> Linux systems are getting tougher for hackers to crack, security experts
    >> have reported today.
    >> http://www.vnunet.com/news/1160588

    >
    > It says 3 of the test machines were running Redhat 7.3 as unpatched default
    > install - hardly representative of any modern distro.
    >
    >
    > Peter


    the article was based on the findings of the lads at honeynet
    the pdf they released on the subject should clear up any misunderstandings
    http://project.honeynet.org/papers/trends/life-linux.pdf

    I note on thier site they are distancing themselves from the
    windows is easier then *nix to 'hack' comparison that has ensued
    the exact breakdown of OS's was (according to the pdf )
    one RH 7.2
    five RH 7.3
    one RH 8.0
    eight RH 9.0
    and two Fedora core 1
    also
    one suse 7.2
    one suse 6.3
    two solaris sparc 8
    two solaris sparc 9
    and one freebsd 4.4

    but thier pdf tells the story better than I can
     
    froggy, Jan 18, 2005
    #5
  6. Collector»NZ

    David Preece Guest

    Peter wrote:
    > It says 3 of the test machines were running Redhat 7.3 as unpatched default
    > install - hardly representative of any modern distro.


    Even so, their "record" machine was an unpatched RH7.3 that was online,
    and uncompromised, for nine months.

    Compare and contrast with "Data from the Symantec Deepsight Threat
    Management System indicates a vulnerable Win32 system has life
    expectancy not measured in months, but merely hours".

    and

    "The limited number of Win32 honeypots we have deployed support this,
    several being compromised in mere minutes."

    Dave
     
    David Preece, Jan 19, 2005
    #6
  7. Collector»NZ

    thing Guest

    David Preece wrote:
    > Peter wrote:
    >
    >> It says 3 of the test machines were running Redhat 7.3 as unpatched
    >> default
    >> install - hardly representative of any modern distro.

    >
    >
    > Even so, their "record" machine was an unpatched RH7.3 that was online,
    > and uncompromised, for nine months.
    >
    > Compare and contrast with "Data from the Symantec Deepsight Threat
    > Management System indicates a vulnerable Win32 system has life
    > expectancy not measured in months, but merely hours".
    >
    > and
    >
    > "The limited number of Win32 honeypots we have deployed support this,
    > several being compromised in mere minutes."
    >
    > Dave


    2 of the Linux machines were also cracked using a brute force attack....

    I would like to know how long that took, gives a time indication for
    password changing.

    regards

    Thing
     
    thing, Jan 19, 2005
    #7
  8. David Preece wrote:
    > Even so, their "record" machine was an unpatched RH7.3 that was online,
    > and uncompromised, for nine months.


    > Compare and contrast with "Data from the Symantec Deepsight Threat
    > Management System indicates a vulnerable Win32 system has life
    > expectancy not measured in months, but merely hours".


    > "The limited number of Win32 honeypots we have deployed support this,
    > several being compromised in mere minutes."


    heh...

    "MS honeypot surveys cheaper to run due to quick completion"

    MS sees the above and claims that MS software is faster.
     
    Dave - Dave.net.nz, Jan 19, 2005
    #8
  9. Re: Password strength (was Re: For Linux fan Boys (AKA M$ antigeeks))

    Matthew Poole wrote:
    > It says a lot about modern computing that 5m random passwords is no
    > longer considered to be secure.


    and it is going to get worse as we get faster PCs.
     
    Dave - Dave.net.nz, Jan 19, 2005
    #9
  10. Password strength (was Re: For Linux fan Boys (AKA M$ antigeeks))

    In article <41eea560$>, thing <> wrote:
    >David Preece wrote:

    *SNIP*
    >2 of the Linux machines were also cracked using a brute force attack....
    >
    >I would like to know how long that took, gives a time indication for
    >password changing.
    >

    An interesting "vulnerability" was released for, IIRC, PHPNuke the other
    day. There's a weakness in the password-generation algorithm, and as a
    result it only produces about five million unique (random) passwords.
    It says a lot about modern computing that 5m random passwords is no
    longer considered to be secure.

    --
    Matthew Poole Auckland, New Zealand
    "Veni, vidi, velcro...
    I came, I saw, I stuck around"

    My real e-mail is mattATp00leDOTnet
     
    Matthew Poole, Jan 19, 2005
    #10
  11. Collector»NZ

    thing Guest

    Dave - Dave.net.nz wrote:
    > David Preece wrote:
    >
    >> Even so, their "record" machine was an unpatched RH7.3 that was
    >> online, and uncompromised, for nine months.

    >
    >
    >> Compare and contrast with "Data from the Symantec Deepsight Threat
    >> Management System indicates a vulnerable Win32 system has life
    >> expectancy not measured in months, but merely hours".

    >
    >
    >> "The limited number of Win32 honeypots we have deployed support this,
    >> several being compromised in mere minutes."

    >
    >
    > heh...
    >
    > "MS honeypot surveys cheaper to run due to quick completion"
    >
    > MS sees the above and claims that MS software is faster.


    Interesting that Symantec either did not also run similar tests with
    Linux or chose not to release the results.

    Classic Corporate action, if it does not suit/support our business model
    dont advertise that fact.

    So without independant studies funded by Governments and/or Universities
    how can we ever trust the majority of the data presented?

    regards

    Thing
     
    thing, Jan 20, 2005
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Monica Krowley

    MY LONG LIST aka SO MANY MODELS aka HELP

    Monica Krowley, Sep 3, 2003, in forum: Digital Photography
    Replies:
    27
    Views:
    768
    Marcia Beinhauer
    Sep 8, 2003
  2. Chinkas tu madre

    Sarah aka Margolotta aka Mentally Sub-Normal

    Chinkas tu madre, Oct 24, 2006, in forum: Computer Support
    Replies:
    0
    Views:
    543
    Chinkas tu madre
    Oct 24, 2006
  3. Giuen
    Replies:
    0
    Views:
    1,009
    Giuen
    Sep 12, 2008
  4. RichA

    Plastic turns boys into "nancy boys."

    RichA, Nov 16, 2009, in forum: Digital Photography
    Replies:
    22
    Views:
    869
    John A.
    Nov 23, 2009
  5. Bystander

    Re: Okay Fan Boys (Mac v PC) try this one

    Bystander, Feb 2, 2010, in forum: NZ Computing
    Replies:
    1
    Views:
    409
    Bystander
    Feb 4, 2010
Loading...

Share This Page