Tom Bradford wrote: > But the method by which j00 0wN a windows box is generally a cooperative > one, where you're relying on user ignorance to perform the attack for > you. In the case of a server, the cooperative element is incredibly > reduced (though not necessarily eliminated), because there typically is > no local user doing stupid things. Organizationally, these types of > attacks can be controlled relatively easily, without having to patch > many boxen. You mean like having to tweak/remove Outlook on every workstation ? Reactive updates to anti-virus software on Exchange servers doesn't stem the tide either. > Again, if we're talking about a server, where those programs aren't even > being used, this concern isn't all that much of an issue. The issues > with Outlook, IE, and ActiveX installing worms and trojans are well > known at this point and are almost exclusively the ones cited by Linux > agents of FUD ... Linux users are in the minority of the number of people complaining about these. They have been talked about so much because they have been around so long and Redmond has never shown any interest in making them go away... >The holes in various Linux services/applications are more numerous, and worse, >they're much more diverse in their nature. Comparing apples and oranges, a multi-user operating system vs a one-user-at-a-time system. The majority of the exploits found and closed on Linux (as well as all of the unix versions) are for 'local exploits'. They aren't an issue if users aren't allowed to 'login' in the first place. Since exploits on Linux systems are closed as quickly as they can be found, (again assuming vigilance), the net product of the number of exploits times the time of non- patched status is relativly small. There is no shortage of exploits for the products from Redmond... Not only are the OSs from Redmond full of holes, so are the services running on the servers. IIS is a great example. Active Directory another. > > BTW, there are third party programs that will remove IE and Outlook > express. It would have been nice not to have to install them in the first place... Thanks Again, Kevin She can kill all your files; She can freeze with a frown. And a wave of her hand brings the whole system down. And she works on her code until ten after three. She lives like a bat but she's always a hacker to me. -- Apologies to Billy Joel