just incase you missed it

Tom Bradford plug-discuss@lists.PLUG.phoenix.az.us
Tue, 08 May 2001 19:59:44 -0700 

KevinO wrote:
>         I think you're missing (leaving out) a key point here. Linux exploits
> are posted because Linux users in general care and CAN DO SOMETHING
> ABOUT IT. Dem po microsoft lusers are pretty much stuck with whatever
> Redmond gives them. Exploits for the C.R.A.P.(tm) that comes out of
> Redmond tend to stick around for quite a while, and MS sometimes forces
> people to upgrade an entire system to 'get the fix'.

It only takes one unsecure Linux box on a network to serve as a staging
point for attacking the rest.  If you bust out a Windows box, you
usually just do that, unless admins have done something stupid like
giving every user domain admin privs, and punching NetBIOS through the
firewall for all internal systems.

>         Exploits for Linux systems get fixed very rapidly.

Whether they get patched in a running system rapidly is a completely
separate issue.

>         Be vigilant with your security on a Linux system = you have a pretty
> tight box.
>         Be vigilant with your security on a MS system = you're still open ,
> whether you realize it or not. Unless of course you unhook it from the
> LAN, disconnect the modem, etc...

Still, since Windows can't (usually) be used as a staging point for
further attacks, I'd say the problems surrounding Linux security present
a much greater risk to a network.  Since there are quite a few more
problems with Linux, and the risks are much greater, I'm not buying into
your argument.

I'm a Linux and Solaris user.  I don't like Microsoft or their software,
but I refuse to buy into the rancor that oozes out of a very small
percentage of Linux users.  It's just as much FUD as anything that comes
out of Redmond, and there's really no place for it in the Linux
community.  You can't run around saying you're better than Microsoft if
at the same time you're spouting the same type of crap they are.

-- 
Tom Bradford --- The dbXML Project --- http://www.dbxml.org/
We store your XML data a hell of a lot better than /dev/null