Operating Systems > Linux and UNIX
Linux vs Windows a real life comparison
WMD:
--- Quote from: cymon ---If the only reason Windows is attacked more is it's higher marketshare, then why is IIS attacked more than Apache httpd?
--- End quote ---
It's not. Arguably, IIS has has the more famous attacks, but not as many.
toadlife:
--- Quote from: cymon ---If the only reason Windows is attacked more is it's higher marketshare, then why is IIS attacked more than Apache httpd?
--- End quote ---
It's not. Website defancements nowadays pretty much reflect marketshare numbers, with 65% hitting linux and 25% hitting windows. Check out Zone-H.org's 2003-2004 report on website defacements.
--- Quote ---Also, consider this. While the Macintosh has a low market share, one common use for them is pro film editing. Since they dominate that market, someone with an axe to grind against the MPAA could put together a virus for OSX, and kill the movie studios.
So if the Mac doesn't have better security, then why hasn't this happened?
--- End quote ---
Herd Immunity. There are simply not enough Macs out there.
--- Quote ---Could it be that Unix systems are more secure?
--- End quote ---
No, they are more obscrure - though this type of obscurity can lead to higher 'security'
--- Quote ---This so called Windows Firewall is a joke.
--- End quote ---
Actually it does exactly what it was designed to do - protect computers from network worms. Microsoft wanted to protect customers computers, not enter the firewall market.
--- Quote ---Does it have HIPS, or any of the other things that you pay for in a real firewall?
--- End quote ---
Again....It's not meant to be an advanced firewall.
--- Quote ---One thing I would like to see is a firewall that automatically gets a list of MAC addresses used by crackers, and automatically blocks them, sort of like PeerGuardian. Now, since Unix systems are open-source, at least the kernels, one could easily add this to Slackware or Debian or FreeBSD. But since Windows is closed source, you can't add it to the system.
--- End quote ---
Your ignorance of networking is showing here. It impossible to get the MAC address of a computer which is not on your local network. This feature is not in PeerGuardian or any other firewall products because it's impossible to do.
--- Quote ---Another issue is not just IE, but Outlook. They both use the same rendering engine, so a VB script will execute automatically in both IE or OE. And since there's no way to remove either, and IE is the file browser, that's a big hole. Now I know you can get the patches, but isn't a secure system supposed to hold it's own against crackers WITHOUT relying on a patching mechanism?
--- End quote ---
Holy shit, the ingorance train keeps rolling! First of all, firefox and thunderbird both use the same engine. IN KDE Koneror is also the filebrowser - and contrary to what you think, IE is not Widnows filebrowser. Explorer jsut has the ability to call IE's html engine to display web pages. Konqeror does this too.
--- Quote ---Now will Windows' stellar security features encrypt my entire disk drive, or my home folder, like MacOSX.
--- End quote ---
Yes, windows can encrypt data, and the encrpytion cannot be cracked any easier than any other OS's file encryption. Full drive encryption is not available yet, but that is overratted IMO. The users file are what is important.
--- Quote ---You won't get code sharing, you'll just get a shoddy DLL, which can be replaced with one with malicious code. The only thing stopping this from happening is File Protection Services, which just checks the name. The fix for the .WMF hole was a DLL of the same name./quote]
Not sure sure WTF you are talking about here. Windows file encryption is jsut as secure as other OS's file encryption.
--- Quote ---Now you could have a secure Windows box as long as you don't use IE, don't run as root, have a virus scanner, don't use Outlook, etc....
But the fact that all that is required to run Windows safely is proof that Windows is NOT secure, that it is a breaking dam, and that all those virus scanners are just delaying it's inevitable collapse.
--- End quote ---
I'm still waiting for that collaspe. I'll let you know when it happens.
--- End quote ---
cymon:
--- Quote from: toadlife ---Again....It's not meant to be an advanced firewall.
--- End quote ---
But if Windows computers are the most attacked, perhaps an advanced firewall is necessary. Since after all, Microsoft want's to secure their PC's, right?
--- Quote from: toadlife ---Holy shit, the ingorance train keeps rolling! First of all, firefox and thunderbird both use the same engine. IN KDE Koneror is also the filebrowser - and contrary to what you think, IE is not Widnows filebrowser. Explorer jsut has the ability to call IE's html engine to display web pages. Konqeror does this too.
--- End quote ---
My point wasn't to slam MS for using the same engine, it was to point out that Outlook is as insecure as IE.
piratePenguin:
--- Quote from: toadlife ---It's not. Website defancements nowadays pretty much reflect marketshare numbers, with 65% hitting linux and 25% hitting windows. Check out Zone-H.org's 2003-2004 report on website defacements.
Herd Immunity. There are simply not enough Macs out there.
No, they are more obscrure - though this type of obscurity can lead to higher 'security'
--- End quote ---
There are other important factors to take into account other than market share. Apache has proved this (whether it still holds true, I don't care). Whether the application was designed to be secure is one of them. NEVER FORGET than Windows doesn't setup a user account. As a result of that, there are HUNDREDS OF MILLIONS more super-Windows-users on the internet. Who do you THINK the crackers will target? Windows was asking for it, Mac OS X/many GNU/Linux distributions aren't.
--- Quote ---
Actually it does exactly what it was designed to do - protect computers from network worms. Microsoft wanted to protect customers computers, not enter the firewall market.
Again....It's not meant to be an advanced firewall.
--- End quote ---
Still, Linux has an excellent firewall, so does the BSDs and Mac OS X. Why doesn't Windows? It's the most used OS, it MUST be secure and it MUST have a REALLY good firewall to stop attackers.
--- Quote ---
Your ignorance of networking is showing here. It impossible to get the MAC address of a computer which is not on your local network. This feature is not in PeerGuardian or any other firewall products because it's impossible to do.
--- End quote ---
Can't iptables do it? Or does it only work for the local network?
http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/12/iptables-mac-address-filtering.php
cymon:
Besides, with MS Anti-Spyware, it looks like they're going into security. Why not go for an advanced firewall?
One thing that would be nice is something like OSX, when you go to do something that needs admin permissions, you supply an admin username and pass, just like sudo. That would be great. Even better, use bundles, then you don't have to install anything besides the bundle, just put that into a folder with rwx all around.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version