Linked by Thom Holwerda on Fri 30th Mar 2007 20:41 UTC, submitted by Robert Escue
Privacy, Security, Encryption In this article, Matthew uses nmap and nessus against actual installs of various operating systems as part of his research. A variety of operating sytems were tested including Windows XP, Server 2003, Vista Ultimate, MacOS, FreeBSD, Solaris, Fedora Core, and Slackware. "As far as 'straight-out-of-box' conditions go, both Windows and OS X are ripe with remotely accessible vulnerabilities. Even before enabling the servers, Windows based machines contain numerous exploitable holes allowing attackers to not only access the system but also execute arbitrary code. Both OS X and Windows were susceptible to additional vulnerabilities after enabling the built-in services. Once patched, however, both companies support a product that is secure, at least from the outside. The UNIX and Linux variants present a much more robust exterior to the outside. Even when the pre-configured server binaries are enabled, each system generally maintained its integrity against remote attacks."
Thread beginning with comment 226066
To read all comments associated with this story, please click here.
Fedora
by siti on Fri 30th Mar 2007 21:48 UTC
siti
Member since:
2005-07-06

Fedora done very well in this test because they have implemented active protection. E.g. exec-shield, pie executables and selinux. I really hope that most linux distros implement similar functionality because it's been available since about 2004.

Windows XP SP2 added NX support. Windows Vista added address space layout randomization (although this probably only works with built in apps because the code needs to be PIC). So why don't all the linux distros at least use exec-shield for the sake of the users and linux 's reputation of being reasonbly secure.

Reply Score: 5

RE: Fedora
by Xaero_Vincent on Sat 31st Mar 2007 04:29 in reply to "Fedora"
Xaero_Vincent Member since:
2006-08-18

I wonder the same thing myself.

Security is really important and despite what many Linux users would tell you, it isnt as good as it should be in most distributions.

As Linux gains more consumer interest, this issue will become more problematic for distros like Ubuntu, who put security on the back burner.

Reply Parent Score: 3

RE[2]: Fedora
by raver31 on Sat 31st Mar 2007 18:13 in reply to "RE: Fedora"
raver31 Member since:
2005-07-06

Not really, up front Ubuntu does not look to lock much stuff Down, but underneath, it is still Linux.

I am not going to try to claim Linux is ultra-secure, but it has been designed from the ground up as a multi-user system. And, as such security has been at the forefront since day one.

Linux might,(or not), get millions of Joe Users over the next few years, but I can safely predict, that there will not be even 1% of the malware that is currently on Windows, available to Linux users.

See, being multi-user since inception, one thing that Linux cannot do, is let Joe Users programs run rampant over other users or the system files.

Reply Parent Score: 2