In this article, Matthew uses nmap and nessus against actual installs of various operating systems as part of his research. A variety of operating sytems were tested including Windows XP, Server 2003, Vista Ultimate, MacOS, FreeBSD, Solaris, Fedora Core, and Slackware. "As far as 'straight-out-of-box' conditions go, both Windows and OS X are ripe with remotely accessible vulnerabilities. Even before enabling the servers, Windows based machines contain numerous exploitable holes allowing attackers to not only access the system but also execute arbitrary code. Both OS X and Windows were susceptible to additional vulnerabilities after enabling the built-in services. Once patched, however, both companies support a product that is secure, at least from the outside. The UNIX and Linux variants present a much more robust exterior to the outside. Even when the pre-configured server binaries are enabled, each system generally maintained its integrity against remote attacks."