Firewall Wizards mailing list archives
RE: NT vs Unix on the Internet
From: Russ <Russ.Cooper () rc on ca>
Date: Fri, 8 May 1998 06:33:11 -0400
Unix has 25 years on NT in support, development and real-world deployment. Because of this, Unix vendors have seen just about every scenario in which a Unix system can be deployed. As a result they have (for lack of a better term) "hardened" the system against that type of attack. Because the world keeps changing, and the methods used by hackers keep changing, the security world must also keep changing. (Unix and NT included)
As Aleph One so adeptly stated, the passage of time has done very little to improve the level of security that gets implemented (note, time has definitely improved the level of security that "could" get implemented). People take a lot longer to evolve than operating systems, unfortunately...;-]

However, as the moderator of the list dedicated to discussing security exploits and security bugs in Windows NT, and an active participant in the recent Teardrop2 attacks against Win boxes, I can tell you something about the current state of affairs wrt NT on the Internet.

The vast majority (say roughly 90%) of all "hacks" of NT that have been reported have come about as a result of lack of knowledge on the part of the installer/administrator. Granted, getting the knowledge to prevent these exploits is not something that comes in the NT Documentation, but the information is out there.

Theorizing about attack methods against NT is extremely popular today, as is sensationalizing reports of exploits (read: DISN). The media loves it, the hackers love it, it's a win-win situation for those two mutually supporting groups.

This is not to say that NT is secure, or can be made secure, that's not my point. Debunking a sensational report may have the adverse effect of leading people to believe it's not a problem. I've been responsible for some of that, I know.

Some facts about NT:

1. Most known Unix exploits have little effect on native NT systems (e.g. MS Exchange versus Sendmail).
2. NT has exploit realities/possibilities that do not exist in Unix (e.g. getadmin, lsa-secrets).
3. The number of people who "know" how to secure an NT box against "known" exploits are far fewer than their Unix brethren (that's why we get paid so much...;-])
4. The number of people, proportional to the number of users, who can *honestly* say they feel comfortable managing the security of an NT box is far, far, lower than those in the Unix field (note: when asked, a lot more will answer yes even though they don't know because they believe things aren't an issue that are).

Cheers,
Russ - NTBugtraq/NTSecurity moderator
http://www.ntbugtraq.com/ntbugfaq.asp