just in case you missed it
Tom Bradford
plug-discuss@lists.PLUG.phoenix.az.us
Tue, 08 May 2001 22:48:09 -0700
KevinO wrote:
> Even a puny Windows box can be made into an attack machine once you
> 'own' it.
But the method by which j00 0wN a windows box is generally a cooperative
one, where you're relying on user ignorance to perform the attack for
you. In the case of a server, the cooperative element is incredibly
reduced (though not necessarily eliminated), because there typically is
no local user doing stupid things. Organizationally, these types of
attacks can be controlled relatively easily, without having to patch
many boxen.
> Windows gives one much less control over what is and what is not
> installed. (Ever try to remove the web browser? Uninstall ActiveX or
> Outlook Express ?)
Again, if we're talking about a server, where those programs aren't even
being used, this concern isn't all that much of an issue. The issues
with Outlook, IE, and ActiveX installing worms and trojans are well
known at this point and are almost exclusively the ones cited by Linux
agents of FUD in making their OS look like the better one in the
security race. Granted, the holes in Windows dealing with executable
content are many, but they're easily classified. You can narrow the
culprits to one of two programs in those cases. The holes in various
Linux services/applications are more numerous, and worse, they're much
more diverse in their nature.
BTW, there are third party programs that will remove IE and Outlook
express. ActiveX you can't do anything about because, along with DCOM,
it's the next link in the mutation chain of Clipboard->DDE->OLE->COM.
--
Tom Bradford --- The dbXML Project --- http://www.dbxml.org/
We store your XML data a hell of a lot better than /dev/null