The biggest thing in my book is the ability to limit exposure. Let's say you are running two machines - a Linux box running Apache and a Windows box running IIS. Apache runs as an unprivileged user while IIS runs as root. Now, let's say an exploit comes out on the same day for both Apache and IIS, both allowing a full shell access onto the box.
Question - are these the same severity? Answer - Not even close. In the case of apache, the attacker has essentially achieved guest-level access. In the case of IIS, the attacker has achieved administrator-level access and can do whatever he wants. In the case of Apache the attacker would have to find yet another exploit in order to raise his privileges. Does Microsoft support running services as normal guest-level users? Theoretically, yes. Practically - most Windows services won't run correctly as a guest-level user. In addition, with Linux, you can further limit your exposure using chroot. For example, I have Postfix (probably _the_ most secure mail server on the planet) configured in a chroot jail. That means that the Postfix server only sees the directory that contains the mail queue - it doesn't even know the rest of the filesystem exists! If someone were to happen to miraculously find an exploit for Postfix, the _worst_ they could do is smash the mail queues, because the rest of the system is not even available to them. For example, I keep my mail spools in /var/spool/postfix. However, I have my Postfix servers chrooted to /var/spool/postfix. That means that they view /var/spool/postifx as /. They can't get out of the directory, because they are at the top! In addition, Linux and it's related servers are open to external review. If you don't think something is secure, review it yourself and find out! You cannot do this with Windows. Why do you think Windows doesn't open itself up to this review process? Well, Mr Ballmer said under oath that doing so would reveal security problems that would be devastating. Finally, you can get support from multiple organizations. With Microsoft, only they can provide fixes - so your problem has to be on Microsoft's priority list. With Linux, if someone isn't handling your problems with proper speed, you can contract out to ANY COMPETENT DEVELOPER to help you out. With Microsoft, you do not have this option. With Linux, security is open to public review and criticism. With Windows, you ave to trust them, and that's a HUGE conflict of interest. Jon On Wed, 25 Jun 2003, Lazor, Ed wrote: > How secure the system is depends more on configuration, how well you keep up with > updates / patches, and whether you take time to configure security tools (firewalls, > tripwire, etc.). > > Linux comes with all kinds of things installed and enabled by default. IMHO that > makes the default installation less secure, especially if you're not familiar enough > with Linux to go through and disable or secure everything on the system. > > > > > -----Original Message----- > > Hello, > > > > I'm trying to sell my boss on replacing our Win2k IIS web > > server with a RH8/9 Apache server. Although it's my > > understanding that Linux is more secure than windows I really > > don't have much to point out in defense on that idea. > > > > Please list for me reasons why you believe (or know for a > > fact) that Linux is more secure than our current setup. Let's > > assume two different situations: 1. Out of the box with a > > standard install, 2. Standard install, fully patched. > > > > > > Thanks a lot, > > Chris. > > > DISCLAIMER: > This message is intended for the sole use of the individual to whom it is addressed, > and may contain information that is privileged, confidential and exempt from > disclosure under applicable law. If you are not the addressee you are hereby > notified that you may not use, copy, disclose, or distribute to anyone the message > or any information contained in the message. If you have received this message in > error, please immediately advise the sender by reply email and delete this message. > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
