Being as a Windows geek tho, I consider Linux as a more powerful server operating system than Windows. When I saw OS comparison at http://www.microsoft.com/windowsserver/compare/linux/server-security.mspx I was shocked! Showed it to a friend and he felt like being brainwashed :D lol. What do you fellows think about this? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080823/26d73c15/attachment-0005.html>
On Sat, Aug 23, 2008 at 12:00 PM, ABBAS KHAN <bashukhan at gmail.com> wrote:> Being as a Windows geek tho, I consider Linux as a more powerful server > operating system than Windows. When I saw OS comparison at > http://www.microsoft.com/windowsserver/compare/linux/server-security.mspx I > was shocked! Showed it to a friend and he felt like being brainwashed :D > lol. > What do you fellows think about this?It's marketing, plain and simple. Do you think that a windows website is going to expound upon the virtues of linux while trying to sell a competing product? When you look at the supposed security reports comparing windows and linux, are they figuring in everything that ships with the distribution as a 'linux' vulnerability? For example, when comparing RHEL against Win2k3, do they figure openoffice stats against linux while saying that MSOffice is separate? Do they use default configurations against tuned setups when comparing speeds? Most importantly what is your system administrator familiar with? Many times security and system stability come down to the skill of the administrator responsible for the system. A stellar windows admin with a windows server is better than a shoddy linux admin with his/her distro-de-jour. Use the tools appropriate for the task, within the administrator's skillset. If no such combination exists, find a new admin. These days, system admins are a dime a dozen, but if you find one who is truly gifted in the art, they're worth their weight in gold. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell
ABBAS KHAN wrote:> Being as a Windows geek tho, I consider Linux as a more powerful server > operating system than Windows. When I saw OS comparison at > http://www.microsoft.com/windowsserver/compare/linux/server-security.mspx I > was shocked! Showed it to a friend and he felt like being brainwashed :D > lol. > What do you fellows think about this?windows has only one vulnerability: - windows is vulnerable to attacks other systems and programs have millions of vulnerabilities: - foo program allows an attacker in 10.1.2.3 to access /etc/hosts - foo program allows an attacker in 10.1.2.3 to access /etc/aliases now repeat this for every possible file and for the 2^32 IP addresses, and you get as many vulnerabilities as you can count. and think of it. windows is 100% by default. you need to power the system before it gets owned. and did you read the ULA? you paid to use the system, but what makes you believe you will be the only one? it is a shared system. anyone on the internet can use it. it's not a vulnerability, it's a feature. and windows is "user friendly". if a vulnerability is found, why fix it and annoy the user? just issue a dialog box "this may be unsafe. do you really want to...?". after all, the user paid. no? more seriously, using vulnerability count as a security measure is childish at best. Are 5 cents more than 1 euro (dollar|...)? do 10 rabbits eat a lion? but in this particular case, there is no child play. it is intentional: " Reliance on a single metrics is a major feature of Microsoft's Get the Facts campaign, and this is perhaps understandable if we consider what the campaign is. It is essentially a marketing-driven campaign intended to .... " Source: http://www.theregister.co.uk/2004/10/22/linux_v_windows_security/
Hi, that MS article is just marketing fluff. Here is a less biased viewpoint: http://arstechnica.com/news.ars/post/20080425-study-70-percent-say-red-hat-more-secure-than-windows.html Its further interesting to note that at a CanSecWest conference earlier this year, researchers were given access to 3 machines to attempt to hack. The OSX laptop was compromised on day 2, the Vista laptop on day 3, and the machine running Ubuntu linux wasn't hacked into at all.