On 31-May-00 at 18:44:52 Alan Mead wrote:
> At 01:12 AM 5/31/00 , Krikofer wrote:
>>Hi. My friend had told me that Linux does not have a good
>>firewall. Linux can be broken into easily (according to his job's system
>>administrator). Would any of you know if this is true? He says his
>>friend likes Linux. Any facts?
>>
> This is a topic sure to get a lot of comments.
>
I imagine so...! :-)
> Leaving facts aside, there is certainly the perception that Unix is more
> vulnerable but I think that's just a perception.
>
You're talking unix here as opposed to linux. I think people would agree
that the 'old' perception of Unix being unsecure was true - Unix boxes at
Universities was a prime target for hackers (or is that crackers - I can
never remember which is which) :-) I can't say that I hear so much about
linux boxes being hacked into as much as we used to here of unix boxes (we
are going back many years now though! :-))
> ...the level of acumen of the sys admin is the biggest factor, probably
> the lion's share, of the variance in security.
>
Yup, must agree 100% there. There are still some companies - and I know
since we have to use one of them - which apparently *must* run old versions
of Sun Solaris and allow root logins from anywhere - even remotely over the
net. Even applying patches (and y2k patches!) was not recommended by the
company. As such Unix systems can be very unsecure. I have denied
responsibility for these boxes at the Uni because they are so unsecure.
I think, however, that the original question should be fired back at the
'sys admin' - why does he say that they 'can be broken into easily'?
Then the security issue could be put into a proper context with regard
to the systems he is talking about. Simply to state that linux boxes
are unsecure without justification is a bit idiotic.
John.
--------------------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: [EMAIL PROTECTED]
PGP key available from public key servers
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
