On Wed, 4 Jul 2012 18:11:14 +0100 Lisi <lisi.re...@gmail.com> wrote: > On Wednesday 04 July 2012 17:14:29 Brad Alexander wrote: > > The third reason we > > are not in the same boat as windows is that we have a much smaller > > attack surface than Windows. Windows still has over 90% penetration > > on the desktop, Therefore, they are the low hanging fruit. > > How, then, do you explain the fact that Windows servers, which have a > penetration of less than 50%, suffer on the Internet as do Windows > home users, whilst Unix and family servers, which have over 50% > penetration, still suffer from _far_ less malware? >
All kinds of reasons, beginning with the fact that most malware designed for Windows desktops works just fine on the servers, too, though I think most servers are somewhat better protected than a home PC. People don't sit in front of them and surf the Web, for one thing (at least not in sensible companies). But while there are excellent Windows admins, the fact is that it is a point-and-click environment, with qualifications obtainable from exams marked by computer, and hence multiple-choice. I'm not suggesting the exams are trivial, but by their nature they ask go-nogo questions, and the questions are mostly based on operating the Windows dialogue boxes. Microsoft has made its billions by making computers relatively easy to use, so you can go a long way as a junior admin or consultant by just knowing the right box to tick. There is a relatively small amount you can do wrong. I'm not just guessing here: I started in network admin by being given a small NT4 network to look after. I didn't install the server, and occasionally had to call in the company who did, but I bought the appropriate set of MS books with a view to going for the MSCE. That never happened, but I got fairly familiar with what was in the books and I could sort out most problems. I built a second PC at home and installed NT server and workstation software multi-booting with my production Win95 and Win98. Then I discovered Linux, at about Red Hat 5 if I remember rightly (long before RHEL and Fedora), and learned a great deal more about computer and network admin in a couple of months than I had in about two years of practical NT admin, having in that time learned what I estimated was most of the knowledge necessary for the NT4 MCSE. What was a little disturbing was that after a fairly short exposure to Linux, I now *understood* a lot more about what I had been doing by rote with NT, and that understanding was *not* required by the MCSE exam. The bottom line is that Linux is significantly harder to drive than Windows (and I've dabbled with Server 2000, 2003 and 2008, and a few Red Hats, Mandrakes and Debians) and the admins are likely to know more about what they're actually doing, because they need to. On the other hand, a lot more Linux knowledge is transferable, because Linux developers don't have to sell new versions every few years. Windows doesn't actually change all that much between versions, but the GUI and in particular the GUI paradigms (I hate that word, but it is the right one for the mix of views and concepts that MS use to overlay the prosaic world of IP addresses and daemons) must change noticeably to convince buyers they're getting something better. So Windows admins have to learn a different method of access to many configurations with each version, getting further and further away from the nuts and bolts, and Linux admins just need to keep track of what has now migrated into /etc/default, or that a big configuration file is now split into many smaller ones. The current limit is reached with MS Small Business Server, which aims to be a full-featured server for people who know no IT whatever. It's very limited compared to the full Server version, because almost everything is hard-coded. There are a lot of these about now, and some of the people who own them do some extremely stupid things with them... -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120704204605.22653...@jretrading.com
