List:General Discussion« Previous MessageNext Message »
From:Van Date:April 17 1999 8:38pm
Subject:Re: [PHP3] Re: ERes for Linux (fwd)
View as plain text  
> > I should also note that the performance of an NT system will be way more
> > than sufficient for an application such as ERes.  And at least in our
> > experience, NT offers better security:  while 3 of systems running under
> > Linux have been hacked in the last 9 months, we have had no reports of
> > problems from our sites running under NT.
I've had 6 attempts on my Slackware box at a Middle-High school in the
past 4 weeks.  None successful.  2 were pursued and caught.  Had their
connections revoked by their ISPs.  And, I'm sure NT would log these
types of events if the admin were to enable that level of security
logging, but would it just report "command completed successfully with
an unspecified error" or what?  I wouldn't push this client toward
anything useful.  He'll/She'll be back in a year, anyway.
> 
> That's because NT doesn't run many services by default. When no one telnets into
> the machine, it get's trickier to sniff passwords... Wonder if they're using ssh
> on the linux box. And I'm really getting sick of people installing RedHat out of
> the box with the default setup, and then complaining about how insecure it is.
> Sure, if you run all the stuff that get's started up by default and don't apply
> any patches, it probably is. These people don't understand that linux, as well as
> any os, is only secure as it's admin. If you don't take the proper steps to secure
> your machine, you will get broken into, it's just a matter of time.
All statements, true, Chad.  It comes down to the fatal flaw that is
NT:  it looks easy.  But, since it looks easy, management assumes it's
as simple as plopping a cd in and letting it rip with setup /x /b. 
Unfortunately, once it's up the "administrator" doesn't have a clue as
to what the machine's doing.  Redhat does the same thing.  And, more
people are using it, so, the potential for exploits is growing.  I got a
guy at work who didn't know how to turn off anonymous ftp.  These are
skills that can only be won by hard work.  So, if the client mentioned
doesn't feel like working, he's best off with the "commercially
supported" OS.  

> 
> --
> 
> Chad Cunningham
> ccunning@stripped
With regard to your network, Chad, I installed a Redhat 5.2 box 6 weeks
ago from ftp.cis.ohio-state.edu.  >:)  45 minutes later, I was up and
running.  And, yes, I did get the Xserver, ftp, and other updates
immediately afterward from
ftp://ftp.cis.ohio-state.edu/mirror/redhat-updates/.  
Best Regards,
Van
-- 
=========================================================================
Linux rocks!!!   www.dedserius.com
=========================================================================
Thread
Re: ERes for Linux (fwd)Christopher L Lott17 Apr
  • Re: [PHP3] Re: ERes for Linux (fwd)Chad Cunningham17 Apr
  • Re: [PHP3] Re: ERes for Linux (fwd)Pat Sherrill18 Apr
  • Re: [PHP3] Re: ERes for Linux (fwd)Van18 Apr
  • Re: ERes for Linux (fwd)Michael Widenius18 Apr
  • Re: [PHP3] Re: ERes for Linux (fwd)Paul DuBois18 Apr
  • Re: [PHP3] Re: ERes for Linux (fwd)Anthony Baratta18 Apr
  • Re: ERes for Linux (fwd)Sasha Pachev18 Apr
  • Re: [PHP3] Re: ERes for Linux (fwd)Sasha Pachev18 Apr
  • Re: ERes for Linux (fwd)Fred Read19 Apr
    • Re: ERes for Linux (fwd)unknown19 Apr