Confessions from a Sysadmin

The_Unbeliever

Honorary Master
Joined
Apr 19, 2005
Messages
103,196
http://www.theregister.co.uk/2010/06/01/sysadmin_confessions/

According to the email of article topics in my inbox, this one is supposed to be about the importance of proper configuration and patch management. Instead of being able to stand atop an ivory tower and reveal to you the secrets of perfect network management, I am forced to humble myself before the entire internet with a confession:

I discovered the Conficker worm on my network today.

Or, more precisely, this is the reason why Windows Sucks.

No matter how you slice and dice it, Windows, in general, as a secure OS, is a BIG failure.

End of story.
 

HavocXphere

Honorary Master
Joined
Oct 19, 2007
Messages
33,155
Google employees now need CIO approval to get a windows desktop PC. They didn't like this China hacking business.
 

bleh69

Senior Member
Joined
Nov 26, 2009
Messages
539
Completely Agree with The_Librarian. In every single Hacker comp I have competed in, or have watched, it is ALWAYS the Dowz box that falls first. ALWAYS.
 

hawker

Honorary Master
Joined
Sep 22, 2006
Messages
11,461
I concur. Comprising a windows OS is just too easy.
 

Ancalagon

Honorary Master
Joined
Feb 23, 2010
Messages
18,140
What does the article have to do with Windows? He mentions how sloppy configuration and certain unpatchable machines caused this preventable scenario - could just as easily have happened to Linux.

Yes, Linux does have security holes, the difference is no one bothers targeting them because so few computers run linux. What do you think would have happened if the guy was running Red Hat 3 without SELinux, and Linux was the dominating OS? He would still have got owned!

Remember the furore about SSL certificates in which nix coders didn't understand the specification so they used predefined data as part of the certificate? Don't tell me Windows is so much worse!

EDIT Ahh here we go: http://www.theregister.co.uk/2008/05/16/debian_openssl_flaw/
 

bleh69

Senior Member
Joined
Nov 26, 2009
Messages
539
Yes, Linux does have security holes, the difference is no one bothers targeting them because so few computers run linux.

I don't know what you're smoking, brother... but 80% of Internet servers run Linux.
 

hawker

Honorary Master
Joined
Sep 22, 2006
Messages
11,461
Yes, Linux does have security holes, the difference is no one bothers targeting them because so few computers run linux. What do you think would have happened if the guy was running Red Hat 3 without SELinux, and Linux was the dominating OS? He would still have got owned!

Security through obscurity is not a valid argument. *nix is not targeted as much as windows because it is orders of magnitude more difficult to compromise.
 

w1z4rd

Karmic Sangoma
Joined
Jan 17, 2005
Messages
49,747
What does the article have to do with Windows? He mentions how sloppy configuration and certain unpatchable machines caused this preventable scenario - could just as easily have happened to Linux.

Aah, but what you fail to mention is that a badly set up Windows server is more at risk than a badly set up Linux server. Also, patches from Linux are released almost immediately; it can often take years for MS to admit and fix a problem.

Yes, Linux does have security holes, the difference is no one bothers targeting them because so few computers run linux.
More devices actually run Linux imho. From routers to PABX systems, from banks to about 90% of the server market. I don't accept this logic.

Remember the furore about SSL certificates in which nix coders didn't understand the specification so they used predefined data as part of the certificate? Don't tell me Windows is so much worse!

EDIT Ahh here we go: http://www.theregister.co.uk/2008/05/16/debian_openssl_flaw/

This was patched right away. Of course Windows is much worse; to say otherwise shows a lack of professional experience in the server market.
 

Ancalagon

Honorary Master
Joined
Feb 23, 2010
Messages
18,140
I don't know what you're smoking, brother... but 80% of Internet servers run Linux.

And internet servers never get compromised ever? Really? And social engineering attacks of the kind "Click here to make your willy bigger" target internet servers?


Security through obscurity is not a valid argument. *nix is not targeted as much as windows because it is orders of magnitude more difficult to compromise.

Sorry, I don't agree.

nix has its flaws, but they aren't discovered because hackers/malware writers typically don't target it. Why? Because no one runs it! Who knows what they would discover if they did.

Besides which, you have to remember that your average nix user is more clued up than your average Windows user. Your average Windows user runs around with administrator privileges all day, while Linux users don't tend to log in as root unless they absolutely have to.

Not to mention, Google got hit because it had users still running IE6. That implies Windows XP at the latest. I'm sorry, I have no sympathy for anyone running IE6. How many security holes do you think I would find in Linux circa 2003 running the first version of Konqueror? Lots? Obviously WinXP and IE6 have huge gaping holes, but I haven't seen anything to indicate that Win7 running Firefox is anything near as insecure. Will it get viruses? Yes, of course it will, because it's targeted more.

How many man hours do you think have been spent hacking Windows vs hacking Linux?
 

midkemia

Senior Member
Joined
May 31, 2006
Messages
566
And internet servers never get compromised ever? Really? And social engineering attacks of the kind "Click here to make your willy bigger" target internet servers?




Sorry, I don't agree.

nix has its flaws, but they aren't discovered because hackers/malware writers typically don't target it. Why? Because no one runs it! Who knows what they would discover if they did.

Besides which, you have to remember that your average nix user is more clued up than your average Windows user. Your average Windows user runs around with administrator privileges all day, while Linux users don't tend to log in as root unless they absolutely have to.

Not to mention, Google got hit because it had users still running IE6. That implies Windows XP at the latest. I'm sorry, I have no sympathy for anyone running IE6. How many security holes do you think I would find in Linux circa 2003 running the first version of Konqueror? Lots? Obviously WinXP and IE6 have huge gaping holes, but I haven't seen anything to indicate that Win7 running Firefox is anything near as insecure. Will it get viruses? Yes, of course it will, because it's targeted more.

How many man hours do you think have been spent hacking Windows vs hacking Linux?

Touché

If you're running Windows 7 with updates, and a "decent" AV like Kaspersky or ESET, you are more unlikely to get hacked or get a virus.

If you're running XP with no patches for the last 3 years, and outdated AV, you're asking for trouble.

Saying that, I have friends who have no AV on their servers, but the servers are just locked down correctly, and they have NO issues.
 

Nod

Honorary Master
Joined
Jul 22, 2005
Messages
10,057
And internet servers never get compromised ever? Really? And social engineering attacks of the kind "Click here to make your willy bigger" target internet servers?

No, it targets the stupidity of man.
 

Nod

Honorary Master
Joined
Jul 22, 2005
Messages
10,057
Sorry, I don't agree.

nix has its flaws, but they aren't discovered because hackers/malware writers typically don't target it. Why? Because no one runs it! Who knows what they would discover if they did.

No one runs it?
 

h0ll0w

Expert Member
Joined
Apr 13, 2005
Messages
1,314
What about the fact that windows is more popular and prevalent than any other OS by absolute lightyears ?

That has got to count for something.

*edit : I see this point has been raised. I feel it is very valid.
 

Tanya35

Senior Member
Joined
Apr 16, 2010
Messages
717
What about the fact that windows is more popular and prevalent than any other OS by absolute lightyears ?

That has got to count for something.

*edit : I see this point has been raised. I feel it is very valid.
Since it's issued and pre-loaded with just about every PC sold, we shouldn't really count numbers through choice.
 

w1z4rd

Karmic Sangoma
Joined
Jan 17, 2005
Messages
49,747
What about the fact that windows is more popular and prevalent than any other OS by absolute lightyears ?

That has got to count for something.

*edit : I see this point has been raised. I feel it is very valid.
Only in the desktop market. Not in the server market (ie the computers that run the world) where Linux completely rapes Windows.
 

ambo

Expert Member
Joined
Jun 9, 2005
Messages
2,685
Why? Because no one runs it! Who knows what they would discover if they did.
I'm not sure how you come to that conclusion. *nix boxes are more commonly servers than desktops. This means they are more likely to be in-the-wild on public IP addresses with no firewall or NAT to protect them from nasties. As bleh69 pointed out - the number of servers running *nix is much higher than those running Windows. The attack surface is much larger.

It's also not true that hackers don't attempt to compromise Linux servers. Most of my Linux hosts get hit dozens of times an hour by many people. During the last 5 or so years I know of one Linux host that was compromised. By comparison - Windows hosts running releases of a similar age are being compromised on a monthly basis.
 

Ancalagon

Honorary Master
Joined
Feb 23, 2010
Messages
18,140
Only in the desktop market. Not in the server market (ie the computers that run the world) where Linux completely rapes Windows.

Which is the target for most virii and malware attacks.

Yes, I said no one runs it, I know this isn't quite true. Forgive me.
 

h0ll0w

Expert Member
Joined
Apr 13, 2005
Messages
1,314
Since it's issued and pre-loaded with just about every PC sold, we shouldn't really count numbers through choice.

That is irrelevant. What is relevant though, is the fact that it's on every PC out there. So inevitably it would get the exclusive attention of somebody trying to wreak as much havoc as possible by compromising (not comprising) the OS.
 

h0ll0w

Expert Member
Joined
Apr 13, 2005
Messages
1,314
Only in the desktop market. Not in the server market (ie the computers that run the world) where Linux completely rapes Windows.

Also irrelevant, unless there are more mainframez in the world than desktops, and windows server did not exist at all.

By targeting Windows you are gonna affect infinitely more systems than any other OS.

*oh and to add to that, if you compromise those countless Windows PCs, you are also screwing over banks etc. who, no doubt, implement the ever so leet Linux servers
 