RE: NT vs Unix on the Internet

From: Aleph One (aleph1at_private)
Date: Tue May 05 1998 - 18:36:42 PDT

  • Next message: Bruce K. Marshall: "InfoWorld article on IDS"

    On Tue, 5 May 1998, Paquette, Trevor wrote:
    > There is a reason that more then 70% of the internet runs on Unix, it is
    > because Unix can be made MORE secure then NT can (Even that is based on
    > personal interpretation). 
    [ playing devil's advocate ] Not quite. The reason that 70% of the net
    runs Unix is because there was not NT when the Internet started. Since
    there was no NT to write programs for all network services where written
    for Unix (BIND, sendmail, NNTP, etc). And now you have people that are
    comfortable with Unix staying with Unix. As more network application are
    written for NT and more people become used to it the more NT server you
    will see on the net.
    > Unix has 25 years on NT in support,
    > development and real-world deployment. Because of this, Unix vendors
    > have seen just about every scenario in which a Unix system can be
    > deployed. As a result they have (for lack of a better term) "hardened"
    > the system against that type of attack. Because the world keeps
    > changing, and the methods used by hackers keep changing, the security
    > world must also keep changing. (Unix and NT included)
    Ha! I must strongly disagree. Just what are is "hardening" you refer to?
    Unix systems are as secure today as they were 10-15 years ago. Sure there
    has been some minor improvement like shadow passwords but one would
    hope vendors could have done better in this many years. (Not to imply that
    NT security is any better...)
    > As more and more sites start running NT, you WILL also see more and more
    > NT security holes discovered. Anyone who thinks otherwise has no basis
    > to be giving any opinion on security.
    And when will the Unix holes stop appearing?
    > The difference between Unix vendors and Microsoft, from my experience,
    > is that you are now depending on a huge, slow, "it's not a bug it's a
    > feature" attitude from Microsoft. Anyone who thinks that NT is more
    > secure then any other OS because it is Microsoft, has been successfully
    > duped by the big Microsoft marketing machine.
    *nod* All vendors are the same.
    > NO operating system is "secure". ANYONE with enough determination can
    > break through any firewall or security system that you put in place. The
    > attack may not come from where you'd expect, or from someone that you'd
    > expect. The only truly secure system is one that is either turned off,
    > or is disconnected from the network.
    True. Its a matter of how much effort they have to put into it before they
    break in. But you would think Unix vendors could have done better by now.
    [ Sorry. Moderating a full disclosure vulnerability mailing list can make
      you quite cynical. ]
    Aleph One / aleph1at_private
    KeyID 1024/948FD6B5 
    Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:58:33 PDT