Hi!

On Thu, 13 Dec 2001 12:04:33 +0100 (MET) Andor Demarteau <ademarte@students.cs.uu.nl> wrote:

> Scriptkiddies you mean.

The "scriptkiddies" are the users. The people who write the scripts are, themselves, much more talented. Most of the time they *do* *not* use their own scripts to do damage. They just discover a security problem, test it a couple of times, write a script to prove that it is a real and present danger (and not just a theoretical one) and send the whole thing to the software company and to some security web site, such as BugTraq.

> > The (other) sad truth is that Linux (and many other systems)
> > are full of security problems -- and that the only way to
> > make big companies such as Microsoft or Sun respond quickly
> > to security threats is to publish the scripts I just mentioned

> True, but even then MS still doesn't do anything (or at least not enough)

Actually, Microsoft usually reacts pretty quickly. The problem is the sheer number of security problems discovered every week. And also the fact that MS Windows is such a huge beast that one patch may well create new security issues or even break Windows down... This has happened recently. And the number of patches means most administrators do not have enough time to apply them all to all their machines -- leaving servers exposed to worms, viruses and script kiddies.

> btw, Linux has nothing to do with Sun mind you. Sun has their own OS named
> Solaris.

True. I was only giving Sun as an example of a big company that was very slow to patch their security problems. Their situation has improved somehow in the last few years, though.

> > If you want a (Unix-like) operating system that was designed
> > with security in mind, you should use OpenBSD (which can be
> > found at: http://www.openbsd.org).

> NetBSD as in this list as well.

True, but NetBSD is not designed, first and foremost, with security in mind. OpenBSD is NetBSD + several years of security auditing of the source code. NetBSD has got an excellent track record, though, but its emphasis is on portability, not security.

> Thus, a secured linux-box can be better than a nonsecure bsdbox.

That's the problem with Linux: most distributions install way too many services on a machine. In my opinion, a workstation should have OpenSSH enabled (for distant administration) and not anything else. Most Linux distributions, trying to help the beginner user, throw in lpr, bind, Apache, FTP, telnet, NFS, etc, etc... All of which make a machine very insecure. Which is why BSD has a small edge over Linux in this regard: in a BSD system you have to activate all the services you want to run -- the rest are inactive by default, which makes the machine a little harder to configure but much more secure by default.

> I wonder how good their security really was and what kind of
> attack was used.

"Computer Forensics", meaning understanding what went wrong and what the "hacker" did to the machines he/she attacked, is a very difficult subject. Especially if a "root kit" (compromised binaries) was installed...

Regards,
_______________________________________________
Gil Andre -- Technical Writer -- Knox Software
gandre@arkeia.com
_______________________________________________