How do you Microsoft users deal with it ?

[blakeatwork]

why would it?? I know what i need to do to keep my system secure.

 

[Rogue]

"single function? Please give me details"

What I mean is that a typical Linux or Unix server is setup to do a single function as a server. For example, it is usually a DNS server or a mail server or a web server, etc. Typically nothing will be done on that machine other than what it's setup for. I think you'll be hard pressed to find someone playing MP3s on their Apache server while they are serving out web pages. Typically a *nix server is setup and managed in such a way that it can effectively be locked in a closet and no one will ever touch a keyboard or mouse attached directly to it ever again. The way people use Windows defies that logic in the server realm. I see far too many people who sit at a Windows server do other things with it while working on it. They will surf the internet while archiving a database, etc. They will install Office apps directly on the server for reporting functions and on and on it goes. This is what makes a Windows server more vulnerable based on my observations. I can build a *nix server to perform ONLY one function and no one will argue with that, but if I setup a Windows server as an IIS server, guaranteed, someone is going to want to install some other vulnerable app on it for functionality or something.

 

[Hyperblaze]

Originally posted by: Rogue
"single function? Please give me details"

What I mean is that a typical Linux or Unix server is setup to do a single function as a server. For example, it is usually a DNS server or a mail server or a web server, etc. Typically nothing will be done on that machine other than what it's setup for. I think you'll be hard pressed to find someone playing MP3s on their Apache server while they are serving out web pages. Typically a *nix server is setup and managed in such a way that it can effectively be locked in a closet and no one will ever touch a keyboard or mouse attached directly to it ever again. The way people use Windows defies that logic in the server realm. I see far too many people who sit at a Windows server do other things with it while working on it. They will surf the internet while archiving a database, etc. They will install Office apps directly on the server for reporting functions and on and on it goes. This is what makes a Windows server more vulnerable based on my observations. I can build a *nix server to perform ONLY one function and no one will argue with that, but if I setup a Windows server as an IIS server, guaranteed, someone is going to want to install some other vulnerable app on it for functionality or something.

If someone sets up a unix box with strictly one fuction, it is because they are worried about the cpu load.

A highly accessed website or a highly accessed ftp site will have a huge load of cpu usage.

You could easily have a unix box that does EVERYTHING, but have fun buying the hardware which can handle everything.

The same goes for a windows based server. Any smart admin knows about this. If someone uses a windows based server to run multiple amounts of things, more load on the server.

If you build a IIS server, someone will have fun hacking the IIS server, no need to install any other app on there to help break into it. Unix based bug fixes are released more frequenty then Windows based bug fixes. Unless you need to load up a new kernel, you really don't need to reboot the unix box. Windows however, there is a 50/50 chance.

A competant windows admin would actually restrict the rights so that only THEY could install stuff on the server, and they would still probably be hacked just because of security holes. That being acknowledged, your point becomes void.

 

[Phoenix86]

Originally posted by: Rogue
"single function? Please give me details"

What I mean is that a typical Linux or Unix server is setup to do a single function as a server. For example, it is usually a DNS server or a mail server or a web server, etc. Typically nothing will be done on that machine other than what it's setup for. I think you'll be hard pressed to find someone playing MP3s on their Apache server while they are serving out web pages. Typically a *nix server is setup and managed in such a way that it can effectively be locked in a closet and no one will ever touch a keyboard or mouse attached directly to it ever again. The way people use Windows defies that logic in the server realm. I see far too many people who sit at a Windows server do other things with it while working on it. They will surf the internet while archiving a database, etc. They will install Office apps directly on the server for reporting functions and on and on it goes. This is what makes a Windows server more vulnerable based on my observations. I can build a *nix server to perform ONLY one function and no one will argue with that, but if I setup a Windows server as an IIS server, guaranteed, someone is going to want to install some other vulnerable app on it for functionality or something.

That is a function on the admin, and not the OS. What you are describing dosn't make "windows more or less secure than *nix or linux." It makes the admin a moron.

I'll keep pointing back to my original statement. It's the ADMIN, NOT THE OS.

 

[dullard]

Nope. I update about once every 6 months at home. No problems at all. At work, I do it once a month or whenever I have the free time (and I update well over a dozen computers at that time). No major problems ever since I started using Zone Alarm at work. Keeping the virus protection up to date is far more important.

 

[Hyperblaze]

Originally posted by: dullard
Nope. I update about once every 6 months at home. No problems at all. At work, I do it once a month or whenever I have the free time (and I update well over a dozen computers at that time). No major problems ever since I started using Zone Alarm at work. Keeping the virus protection up to date is far more important.

virus? what's a virus? oh that's right, your using windows.....

 

[Klixxer]

Originally posted by: Rogue
"single function? Please give me details"

What I mean is that a typical Linux or Unix server is setup to do a single function as a server. For example, it is usually a DNS server or a mail server or a web server, etc. Typically nothing will be done on that machine other than what it's setup for. I think you'll be hard pressed to find someone playing MP3s on their Apache server while they are serving out web pages. Typically a *nix server is setup and managed in such a way that it can effectively be locked in a closet and no one will ever touch a keyboard or mouse attached directly to it ever again. The way people use Windows defies that logic in the server realm. I see far too many people who sit at a Windows server do other things with it while working on it. They will surf the internet while archiving a database, etc. They will install Office apps directly on the server for reporting functions and on and on it goes. This is what makes a Windows server more vulnerable based on my observations. I can build a *nix server to perform ONLY one function and no one will argue with that, but if I setup a Windows server as an IIS server, guaranteed, someone is going to want to install some other vulnerable app on it for functionality or something.

A typical Linux server wold be a server running Apache, MySQL and Evolution-server, you could use a PII for that and it would still be faster than a modern server running Windows.

The difference is memory management and the design of the OS.

Installing office apps on the server is not anything uncommon, in the Linux world you usually store the packages on the server and users use the files from there, OO works this way and it is just fine, MSO still have problems with that though.

Name ONE function that is usable that Linux does not have and i will agree with you.

 

[dabuddha]

Originally posted by: Jero

Originally posted by: Stark
ms insecurity = job security 😛

very true.

However, unix security = less headaches

LOL if you really think that you don't know *nix that well.

 

[Armitage]

Originally posted by: Phoenix86

Originally posted by: Jero

Originally posted by: Phoenix86

Originally posted by: Ameesh
the misconception here is you think there aren't the same number of security flaws in linux or *nix that has features activly being added as there are in windows, the truth is all the os's have the same number of security flaws its just the media and the trades dont publish them as much, try signing yourself up for redhat secuirty emails , that list itself will mailbomb you everyday.

Your right about the # of vulnerabilities. It's a myth that one OS is more secure than another. The truth is, the sercurity of an OS is dependant on the sysadmin. END OF DEBATE.

The huge difference is really the amount of people who get the chance to proof-read the code.

There are maybe 1000-2000 folks who check the code for vulnerabilities for Microsoft Software. Ameesh could probably give a better estimate since he worked there before.

open source software on the other hand, has MILLIONS of people who check the code for vulnerabilities.

That in itself, helps linux be more secure then windows.

Also, the archiecture in Linux was designed for security, then user-friendlyness.

The archiecture in windows was designed for user-friendlyness, then security.

How did it make it as a DoD trusted OS then? DoD Trusted Computer Criteria

IIRC, and it's been awhile, so I may be out of date, they only achieved this with a standalone (ie. not networked) NT4 system.

 

[Hyperblaze]

Originally posted by: dabuddha

Originally posted by: Jero

Originally posted by: Stark
ms insecurity = job security 😛

very true.

However, unix security = less headaches

LOL if you really think that you don't know *nix that well.

or maybe I'm just more competent then you are on unix?

edit: a major thing about unix that I have discovered over the years.

Learn how to use google/mailing list/newsgroups to your advantage.

Once that is achieved, unix is a piece of cake.

 

[Rogue]

I'm not really picking one side over the other to be honest. I see both platforms as being equally secure, again, provided the admin knows what the hell they're doing. I do believe that *nix tends to be security through obscurity though as it's not really a target of choice because there is no central organization to attack. It's a number of things, but I agree that any system properly setup for it's function(s) can be secure, Windows, Linux, Unix or otherwise.

 

[dabuddha]

Originally posted by: Jero

Originally posted by: dabuddha

Originally posted by: Jero

Originally posted by: Stark
ms insecurity = job security 😛

very true.

However, unix security = less headaches

LOL if you really think that you don't know *nix that well.

or maybe I'm just more competent then you are on unix?

edit: a major thing about unix that I have discovered over the years.

Learn how to use google/mailing list/newsgroups to your advantage.

Once that is achieved, unix is a piece of cake.

BWHAHAHAHAHAH keep it up. I've never laughed so hard at someone so ignorant before 😀