about windows 95 password security: I have some c source here that will decript a windows 95 password in about half a second on an sgi challange from 1995. that's pretty shitty security. On Mon, Jan 19, 2004 at 10:29:42PM -0500, Tom and Esther Ward wrote: > Hi, when comparing Linux to Windows for internet security you need to keep > many factors in mind. > > 1. The Linux operating system has contained innetwork > firewall for years before Microsoft decided it was a good idea to add one to > XP. A firewall is very helpful for blocking access to your internet ports, > and controles what access is allowed in and out. Including blocking data > traffic from a addware such as spy ware. > 2. Linux ships with port scanners such as nmap which is very helpful in > determain what ports are opened and closed, and you can adjust your system > services and firewall to secure them. > 3. Linux password security for many years was and in ways is still more > secure than MS Window's. > For example for many years all passwords in Linux has been md5 encrypted, > and unlike Windows 95 and 98 the old hit the escape key trick would never > work If you pick a good password a brute force attack is really unlikely on > cracking a md5 encryption, but not impossible. > Do you think a Window's XP password is secure? No it isn't, because that > admin password is stored in the system registry, and yes you can hack the > admin password and change it remotely. You can't as easily do that in Linux, > and there is no registry to worry about. > 4. Worm's and virus's don't have as much success in Linux do to a totally > user permission environment. Number the Outlook Express virus's that pop up > using VBA scripts have 0 chance of success because balsa, mutt, pine, and > other emails don't have such garbage as Outlook scripts. > So the only way a virus really can get on your system is if you clicked on > it, or installed it. > It couldn't shutdown your system, format your hard drive, nuke your kernel, > or half the stuff Window's virus's enjoy because if they don't have root > permissions they are done. > 5. Cookies aren't really a big deal as you can of course refuse to except > them if you wish. Even MS Window's will allow you to choose to accept a > cookie. So I tend only to accept a cookie from a site where it appears to be > safe or useful. > 6. Even though Mozilla is far from accessible yet it does have pop up > blockers, cookie filters, and various other nifty security tricks I feel > Internet Explorer lacks. > 7. Most distros such as Red Hat, Mandrake, have erottas which announce > discovered bugs, security holes, and they have a great turn around for > getting the patches posted. > 8. Linux is open source and the code is checked by several people to see > that it is clear of back doors, trogens, and various other things which > happen to slip in to window's software, because no one can really check > Microsoft to make sure that they didn't put a nice little spyware in there > to spy on you or that they have a unknown port open where they use as a nice > little back door. > 9. Linux has very good logs which if you know what to look for you can use > them to great effect to see if someone tried to break in, pinged you, that > someone tried to access a port, bla bla bla. > 10. The majority of hacks, cracks, virus's, worms and so forth are > specifically directed towards MS Window's. As such the tricks that made big > name virus's like Melissa, Pritty Park, the new Swin virus's so popular are > dead upon hitting a Linux system. > Once upon a time when i started using Linux I use to save all infected pine > attachments, and had a zip disk of pritty park, kagro, and a string of other > virus's that hit my inbox and then died on my box because it couldn't do > anything else. > > Bottum line MS Window's operating systems were not designed for something > like the internet. If you remember 3.1 the internet was something you added > on by getting a dialer, web browser, and made it work. As the internet grew > Window's was found horribly unsecure by such common examples of walking by a > buddies Window's 95 computer and pressing escape at the password prompt and > got in to do whatever whenever. > In Win 95 I could remotely grab files from a computer simply accessing the > c: drive using netbios. There litterally was nothing to stop someone from > deleating or modifying files on that computer once you got in. > Early versions of Win NT could be crashed remotely simply by doing a packet > flooding attack using ping. > Point is that Linux has been rock solid on the internet andon networks for > keeping the wrong people out or away from crashing it where Microsoft > Window's has to constantly patch this or that every single time they find a > major hole the left open. > > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup -- Always borrow money from a pessimist; he doesn't expect to be paid back.
