At 01:12 AM 5/31/00 , Krikofer wrote:
>Hi. My friend had told me that Linux does not have a good
>firewall. Linux can be broken into easily (according to his job's system
>administrator). Would any of you know if this is true? He says his
>friend likes Linux. Any facts?
>
>CH
This is a topic sure to get a lot of comments. Ditto what everyone
said. Let me add that I don't know what a "good firewall" is but it sounds
obviously wrong.
So there's one fact. Next, I've seen studies on the web that suggest that
Microsoft's server security is worse than Linux. What they did was to
monitor the date when a vulnerability in a service was posted to bugtraq
and the date when a fix became available from the service's vendor. One
study compared Red Hat, Microsoft, and Sun. More recently I saw a study
that just tracked vulnerabilities that included apple and other operating
systems. The perception that Microsoft OS's are written and deployed with
fewer vulnerabilities or that they fix them "better" is apparently
factually incorrect. The facts actually encourage the opposite view.
Leaving facts aside, there is certainly the perception that Unix is more
vulnerable but I think that's just a perception. As far as I can tell, the
level of acumen of the sys admin is the biggest factor, probably the lion's
share, of the variance in security. So from a security perspective, it
may be adaptive for untrained, unskilled sys admins from installing
mission-critical applications on Linux machines. But I think security has
to be viewed in proper context; Linux offers a lot of other advantages and
I'm guessing that 95% of Linux knowledge and skills are acquired by
installing Linux and running it. In fact, getting cracked is a pretty good
way to learn about security.
-Alan
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
