A topic of concern in Linux
Tom and Esther Ward
tward1978 at earthlink.net
Mon Jan 19 22:29:42 EST 2004
Hi, when comparing Linux to Windows for internet security you need to keep
many factors in mind.
1. The Linux operating system has contained innetwork
firewall for years before Microsoft decided it was a good idea to add one to
XP. A firewall is very helpful for blocking access to your internet ports,
and controles what access is allowed in and out. Including blocking data
traffic from a addware such as spy ware.
2. Linux ships with port scanners such as nmap which is very helpful in
determain what ports are opened and closed, and you can adjust your system
services and firewall to secure them.
3. Linux password security for many years was and in ways is still more
secure than MS Window's.
For example for many years all passwords in Linux has been md5 encrypted,
and unlike Windows 95 and 98 the old hit the escape key trick would never
work If you pick a good password a brute force attack is really unlikely on
cracking a md5 encryption, but not impossible.
Do you think a Window's XP password is secure? No it isn't, because that
admin password is stored in the system registry, and yes you can hack the
admin password and change it remotely. You can't as easily do that in Linux,
and there is no registry to worry about.
4. Worm's and virus's don't have as much success in Linux do to a totally
user permission environment. Number the Outlook Express virus's that pop up
using VBA scripts have 0 chance of success because balsa, mutt, pine, and
other emails don't have such garbage as Outlook scripts.
So the only way a virus really can get on your system is if you clicked on
it, or installed it.
It couldn't shutdown your system, format your hard drive, nuke your kernel,
or half the stuff Window's virus's enjoy because if they don't have root
permissions they are done.
5. Cookies aren't really a big deal as you can of course refuse to except
them if you wish. Even MS Window's will allow you to choose to accept a
cookie. So I tend only to accept a cookie from a site where it appears to be
safe or useful.
6. Even though Mozilla is far from accessible yet it does have pop up
blockers, cookie filters, and various other nifty security tricks I feel
Internet Explorer lacks.
7. Most distros such as Red Hat, Mandrake, have erottas which announce
discovered bugs, security holes, and they have a great turn around for
getting the patches posted.
8. Linux is open source and the code is checked by several people to see
that it is clear of back doors, trogens, and various other things which
happen to slip in to window's software, because no one can really check
Microsoft to make sure that they didn't put a nice little spyware in there
to spy on you or that they have a unknown port open where they use as a nice
little back door.
9. Linux has very good logs which if you know what to look for you can use
them to great effect to see if someone tried to break in, pinged you, that
someone tried to access a port, bla bla bla.
10. The majority of hacks, cracks, virus's, worms and so forth are
specifically directed towards MS Window's. As such the tricks that made big
name virus's like Melissa, Pritty Park, the new Swin virus's so popular are
dead upon hitting a Linux system.
Once upon a time when i started using Linux I use to save all infected pine
attachments, and had a zip disk of pritty park, kagro, and a string of other
virus's that hit my inbox and then died on my box because it couldn't do
Bottum line MS Window's operating systems were not designed for something
like the internet. If you remember 3.1 the internet was something you added
on by getting a dialer, web browser, and made it work. As the internet grew
Window's was found horribly unsecure by such common examples of walking by a
buddies Window's 95 computer and pressing escape at the password prompt and
got in to do whatever whenever.
In Win 95 I could remotely grab files from a computer simply accessing the
c: drive using netbios. There litterally was nothing to stop someone from
deleating or modifying files on that computer once you got in.
Early versions of Win NT could be crashed remotely simply by doing a packet
flooding attack using ping.
Point is that Linux has been rock solid on the internet andon networks for
keeping the wrong people out or away from crashing it where Microsoft
Window's has to constantly patch this or that every single time they find a
major hole the left open.
More information about the Speakup