Re: Which Windows OS is Safest

[Eoin Fleming <rtfm () o2 ie>]

Ummm...

This is going to get a lot of flames but Win NT/2K/XP/2k3 are not inherently insecure- the fact is that they are often 
deployed in an insecure manner. A competent win admin can make windows very secure indeed - most OS's have the ability 
to be secure - few are "inherently" secure - it depends on how they are deployed and in what scenarios they are used - 

If idiot (a) deploys Apache/*bsd as a webserver and idiot (b) deploys XP/IIS - who gets hacked?

Both, as both OS's and apps have inherent vulnerabilities, if the admin doesn't patch and harden they will at best get 
sacked.

There is no such thing as a "safe" windows OS - for that matter there is no safe *nix, OS-390, VMS, as-400, Mac-os it 
depends completely on how you as the admin set it up and communicate to the users what is acceptable and what is not. 
There is no point locking down a system so far that the users can't do their jobs similarly there is no excuse for 
leaving a system open to attack. If you blindly put your faith in any OS to do YOUR job, see the sentence beginning 
with.. if idiot (a)

Cheers,
Eoin D. Fleming ISSMP CISSP CISA
That’s my name - my reputation? I know it's around here somewhere.....


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------