Free Republic

Linux fights off hackers
vnunet.com | 17 Jan 2005 | Iain Thomson

Posted on 01/17/2005 10:56:25 PM PST by N3WBI3

A study by not-for-profit IT security testing organisation Honeynet Project has shown that, on average, Linux systems today take three months to fall prey to hackers, up from 72 hours in equivalent tests conducted between 2001 and 2002.

The 2004 results came after a team of researchers set up 19 Linux and four Solaris 'honeypots' in eight countries including the UK. Honeypots are unpatched internet-connected computers designed to be targets for hackers.

"Default installations of Linux distributions are getting harder to compromise," said the report.

"New versions are more secure by default, with fewer services automatically enabled, privileged separation in services such as OpenSSH, host-based firewalls filtering inbound connections, stack protection for common threats and other security mechanisms."

During the tests only four Linux honeypots were compromised (three running Red Hat 7.3 and one with Red Hat 9). Two of those systems were broken by brute force password attacks rather than by operating system vulnerabilities.

By contrast unpatched Windows systems exposed in a similar way in tests last year by Symantec lasted a few hours, or in some cases minutes.

But there was bad news for Solaris users, with three out of the four honeypots running Solaris 8 or 9 hacked within three weeks. However, a fourth has been online for six months without being compromised.


TOPICS: Miscellaneous; Technical
KEYWORDS: computersecurity; linux; security; spyware
To: N3WBI3
RH9 is not all that bad, it's the base for RHEL 2.

Yeah, I know. I wasn't trying to imply that it is a bad distro--just that later versions (Fedora, etc.) have the latest patches/fixes/etc. which would make them less vulnerable.

21 posted on 01/18/2005 7:37:19 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 17 | View Replies]

To: explodingspleen
If you go with the bleeding edge, you get nifty new toys, but the trade-off is that they haven't been as thoroughly debugged/security hardened as older software.

This is also true. Another trade-off is that the older bugs/security issues are probably fixed, but new ones are found. I stick with distros that are as new as possible to avoid dealing with known issues, while expecting some new issues, and a few minor stability issues. And so far, it's paid off. I have no security issues exploited, and it is much more stable on my laptop than Windows ever was.

22 posted on 01/18/2005 7:40:38 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 19 | View Replies]

To: ShadowAce

RH9, through the Fedora Legacy project, does have the latest fixes. If you're talking out of the box, then yes, a newer version (I might stay on FC1 as it is 2.4) but not the newest is better.


23 posted on 01/18/2005 8:22:18 AM PST by N3WBI3
[ Post Reply | Private Reply | To 21 | View Replies]

To: N3WBI3
I guess it depends on your needs, too. I know I wouldn't put the latest Fedora in a business production environment, but for personal use, I think it's great.

On another note (It mentions this article above), Groklaw has this interesting article posted:

You can read the news in English, French, or German -- French police ("la Gendarmerie Nationale française") will be switching to OpenOffice.org from Microsoft Office, according to the French industry news service Toolinux:

By the end of January some 35,000 PCs and workstations are to be equipped with the open source office suite; by this summer the number is to reach 80,000. The French police expect to be able to cut costs amounting to more than two million euros by this move.

Maybe they are thinking about security issues, which you can read about in this article about how Linux is getting harder to crack (a new Honeynet Project study shows it now takes up to three months to compromise a default Linux installation, compared to mere hours for unpatched Windows, according to tests by Symantec last year), or in this Linux Journal article, "Linux in Government: How Security Exploits Threaten Government Infrastructures" by Tom Adelstein, which I found on Novell's website. They have been providing some fine antiFUD and informative material there. On their website today, for example, you can find the following:

There is plenty more where that came from.


24 posted on 01/18/2005 8:30:02 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 23 | View Replies]

To: ShadowAce
Been reading slashdot and came across this:

Unprotected PCs can be hijacked in minutes

Looks like we have a thread on FR here (posted 11/30/2004):

Unprotected PCs Fall To Hacker Bots In Just Four Minutes

25 posted on 01/18/2005 10:13:46 AM PST by Ernest_at_the_Beach (A Proud member of Free Republic ~~The New Face of the Fourth Estate since 1996.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: N3WBI3

I will never run another Windows server again.


26 posted on 01/18/2005 10:15:28 AM PST by ezo4
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

I use IPCop firewall for my Firewall.

http://ipcop.org/


27 posted on 01/18/2005 6:03:36 PM PST by amigatec (There are no significant bugs in our software... Maybe you're not using it properly.- Bill Gates)
[ Post Reply | Private Reply | To 13 | View Replies]

To: ShadowAce
I've got an old (Pentium 120) with Linux installed that acts as my firewall.

Is that what you use on the internet? Broadband?

I have a P200 gathering dust. Hmmmm

28 posted on 01/18/2005 6:27:14 PM PST by Vinnie
[ Post Reply | Private Reply | To 13 | View Replies]

To: N3WBI3
More good news for Linux users..

You mean more propaganda from foreign sites you take as the gospel.

29 posted on 01/18/2005 7:43:26 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 2 | View Replies]

To: Vinnie
Is that what you use on the internet? Broadband?

Yep. And yep again. It really doesn't take a lot of CPU power to run an ethernet card. The CPU can handle a lot more bandwidth than any ethernet card on the market.

Keep in mind, though, that this is a dedicated firewall. It is not a desktop machine. In fact, it doesn't even have a monitor. The only reason it's got a keyboard is because the BIOS won't boot without it (It's an OLD machine :) )

30 posted on 01/18/2005 8:04:03 PM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Golden Eagle

I take nothing other than the Bible as gospel. I have worked enough with Linux over the past 3 years to see the improvement in the distros..


31 posted on 01/18/2005 9:56:34 PM PST by N3WBI3
[ Post Reply | Private Reply | To 29 | View Replies]

To: Vinnie
You can use a number of Linux firewall distros on it.
IPCop
Smoothwall
Clarkconnect
E-Smith

I use IPCop on a P166 with DSL and it works great. No monitor or keyboard.

Keep in mind these are complete distros and turn any PC into a dedicated firewall. I set mine on the floor and use it for a printer stand.
All of these are MUCH better than buying a Linksys or something similar.
I hardly even know it's there.

32 posted on 01/19/2005 4:57:19 AM PST by amigatec (There are no significant bugs in our software... Maybe you're not using it properly.- Bill Gates)
[ Post Reply | Private Reply | To 28 | View Replies]

To: amigatec; Vinnie

Linksys doesn't have a list of holes like this. 539 listed for the Red Hat distro alone.

http://lwn.net/Alerts/


33 posted on 01/19/2005 6:20:24 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 32 | View Replies]

To: explodingspleen
The original firewalls were basically just computers running Linux with a couple of NICs running a glorified ipfilters process and little else...

34 posted on 01/19/2005 6:30:03 PM PST by chilepepper (The map is not the territory -- Alfred Korzybski)
[ Post Reply | Private Reply | To 3 | View Replies]

To: chilepepper; explodingspleen

What a crock! I know you guys worship your clone from Finland, but get real.

http://dmsweb.badm.sc.edu/mgsc890/firewalls/fire2.htm#history


35 posted on 01/19/2005 6:50:59 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 34 | View Replies]

To: N3WBI3

I put Mandrake 10.2 on a computer that has WinXP on it. For security reasons, I'm thinking of doing my online financial exclusively on Linux. It works great except for screen resolution, which I have to learn to properly adjust. It can "see into" my NTFS partitions.


36 posted on 01/19/2005 6:57:27 PM PST by dennisw (G_D: Against Amelek for all generations.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce; Vinnie
My primary firewall is a Pentium Pro 180, 64MB RAM, running OpenBSD. It also runs Snort for intrusion detection.

My secondary firewall is a Pentium 75, 32MB RAM, running OpenBSD. No intrusion detection. It doesn't quite have the stuff to run Snort.

I run CARP between them. (CARP comes with OpenBSD) It allows the secondary to seamlessly take over in case there's a hardware failure on the primary.

Both of them are configured to filter out 95% of the spam aimed at my mailserver using spamd, a greylisting engine.

Neither one of them goes over 30% CPU utilization on my 3MB circuit.

Unix OSs work quite happily on hardware that won't even boot Windows 2000.

37 posted on 01/19/2005 7:09:20 PM PST by Knitebane (Happily Microsoft free since 1999.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: dennisw

You can try to use Linux for online finance, but good luck finding any applications other than a basic browser that banks will accept. For advanced features you're going to need Quicken, or Money, or forget it. At least that's the case with my two banks. I'd highly recommend Quicken, not only better but works with Apple as well.


38 posted on 01/19/2005 7:09:56 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 36 | View Replies]

To: Knitebane
My primary firewall is a Pentium Pro 180, 64MB RAM, running OpenBSD...My secondary firewall is a Pentium 75, 32MB RAM, running OpenBSD.

*BSD is better for this than Linux, I would definitely agree.

39 posted on 01/19/2005 7:13:02 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 37 | View Replies]

To: Golden Eagle
And to compare that to a Microsoft OS is pointless.

Unless you want to add to the list:

1. Office 2000 and WordPerfect Office
2. All of Microsoft and Borland development products.
3. Three more web browsers
4. Twelve more mail clients
5. And around 3000 other pieces of software.

And then your little list would be a real comparison.

Now, if you want to dig through that list and come up with the Linux kernel and the RedHat provided utilities and make that comparison, I won't complain.

Until then, until you figure out how to compare apples to apples and not apples to the entire Imperial Valley, go away and take your silly little list with you.

40 posted on 01/19/2005 7:16:06 PM PST by Knitebane (Happily Microsoft free since 1999.)
[ Post Reply | Private Reply | To 33 | View Replies]



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
