North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Worms versus Bots

  • From: Jeff Workman
  • Date: Wed May 05 14:22:35 2004




--On Wednesday, May 05, 2004 6:04 AM -0400 Matthew Crocker <matthew@crocker.com> wrote:

We have all been through this before.  Linux out of the box is generally
no more secure than Windows.  Linux can also be misconfigured and hacked.
The reason why you don't see as many linux virus/worms is because there
aren't as many linux desktops.  Once Linux becomes a real player in the
residential desktop OS market you'll see more and more worms/viruses
running around because of it.  Now, I love Linux,  I have 30 linux
servers in production but it isn't the be all, end all to mass user
security.
In the past this may have been true, it's been my experience that most modern Linux distributions have adopted (more or less) the approach that OpenBSD has: Leave services turned off by default. In fact, a typical RedHat workstation installation goes a step further by not even installing a lot of services by default. Sure, Joe Sixpack can still install everything and uncomment everything from /etc/inetd.conf[1] and get himself pwned, but I don't think we have to worry much about your average computer user doing this.

-J

[1] Actually since RedHat uses xinetd, it involves a little more work to turn _everything_ on.


--
Jeff Workman | jworkman@pimpworks.org | http://www.pimpworks.org