I didn't claim Windows had good security, only that the security it has is easier to set up. I view the Windows "firewall" as a complete waste of time, so I've never used it, I prefer hardware devices (like a Cisco PIX).
Security policy is actually extremely easy and effective in Windows, so long as you're running in a managed environment with an ActiveDirectory controller. I've seen nothing in the Linux world to compare with
the ease and control available in that environment. Again, I'm not saying Windows has good security, only that what it does have is dead-simple to manage due to their heavy application of GUI tools. That same
use of the GUI means many (NOT ALL) Windows admins don't have the background to set up security properly, but they sure don't have any trouble getting things setup, even if the result is not very secure.
That's the major issue with Linux, it takes a lot of knowledge to set up most configuration, and very little is common among different services. If the F/OSS community could develop the kind of administration
interfaces common in the Windows world, we'd see a lot more adoption of Linux in the low-end servers of major corporations, and more adoption of Linux by home users as well.
BTW, I Like Linux, I run it at home, but most people I know won't, simply because figuring out how to do simple things, like connecting to a new wireless network, requires modifying config files or running
command-line tools, and most people don't have the time or inclination to learn how to do that, they just want a simple *graphical* tool that walks them through it, and helps them understand what to do.
==Joseph++
Craig White wrote:
> On Sat, 2005-06-25 at 01:08 -0700, Joseph Sinclair wrote:
>
> once again, you have written the mini-book answer to a general question
> and I feel so much more knowledgeable having read the above. Even though
> I think I knew all that, I doubt that I would have been anywhere within
> hand grenade range of this description. Heck, I even feel guilty nit-
> picking it.
>
> You stated 'setting up security in Windows is easier' and that is not
> entirely true. NTFS has ACL support, VFAT does not. Very few people have
> a clue how to access it. Only WinXP SP2 has a built-in firewall which
> most people will have to be told when and how to add exceptions for a
> specific program. Win2K and WinNT only have packet filtering in a hidden
> area of the network interface configuration and the interface to it
> might be one of the worlds worst. All of the 3rd party firewall
> implementations are too tedious for knowledgeable users and thoroughly
> confusing for less than knowledgeable users. Local security policy
> implementation? Not too difficult but I probably don't know a soul
> personally that has done it other than me. Considering that most Windows
> users run as super user and idiotic things like Quickbooks will not work
> unless you at least have local 'Power User' privileges, security and
> Windows are not always intersecting areas.
>
> Craig
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)