At the risk of being terribly unpopular I thought I'd share my personal experience.
For 6 months I was running a Windows NT 4.0 based web, ftp and email server (exchange 5.5) with the latest service packs (SP 6a+), and a weekly "Windows Update". These machines for their lifetime were completely unhacked. My email server wasn't an open relay, all was right with the world :). 4 months ago I switched to Redhat 7.2 - patched weekly with the Redhat network. This infrastructure was hacked repeatedly, my email server was an open relay, my ftp server was being brought down every other day, my web server had the apache service brought down repeatedly, I was rebuilding my boxes every three days. In short it was HELL. I switched to Debian Woody about three weeks ago, installing the bsd based ftp server (not that leaky wu-ftpd), the latest apache, exim, and cyrus. So far so good - no hacks, reject log shows the bounced relay requests, and the web service has been solid (although a browse through the logs shows the buffer and cgi attacks being tried). In short the article is almost right: - Older Linux Distributions ARE vulnerable, the patches to fix vulnerabilities on the older releases almost never work right (IMO), and this is a problem. - Older Windows Releases ARE vulnerable, but the patches to fix the vulnerabilities DO work. - Linux is maturing, and personally I like the choice and flexibility it provides. Particularly with older equipment. Despite the almost troll like language and bias, the authors facts are correct. It's his conclusion that is wrong. My off topic two cents. David ----- Original Message ----- From: "Mike Dresser" <[EMAIL PROTECTED]> To: "Walter Tautz" <[EMAIL PROTECTED]> Cc: "Debian User Mail List" <[EMAIL PROTECTED]> Sent: Thursday, November 28, 2002 11:39 AM Subject: Re: [OT]: is this crap? -> wininformant headline "Most Insecure OS? Yep, It's Linux" > On Thu, 28 Nov 2002, Walter Tautz wrote: > > > > > Thought you might be interested in the FUD being reported at wininformant. > > The link to the story is: > > http://www.wininformant.com/Articles/Index.cfm?ArticleID=27428 > > Wonder how windows would do if I bundled > > monitor:~# apt-cache search "" | wc -l > 8989 > > many programs with it. > > Granted, some of the problems the article states, a lot of people run that > program, whether it be by choice or by distro default. > > Mike > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
