Some myths in computer security and why Linux is more secure than Windows!
Another of my rants, after recently speaking to a Windows sysadmin about computer security (they need to wake up).
1) Obfuscation isn't good
Yes it is, when it comes to profiling a target, i.e. a port scan of a target doesn't return anything on port 22? A bot/worm/automated scan, or any scan of ranges, wouldn't find your server.
Yes, it's bad if it's your only defence mechanism; security, especially computer security, should always be enhanced by layers (the more you have to peel!).
2) Changing your SSH port is bad.
I've seen some researchers say that changing your SSH port is bad; although partly true, this is also partly bullshit.
You shouldn't change your port to a non-privileged port (anything higher than 1024), because a non-root user can listen on a non-privileged port.
i.e. a web application gets compromised and gives write access to the htdocs; the compromised htdocs can now listen on 2222!
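An added example (not from the original post): a small Python audit that reads an sshd_config and lists the listening ports a non-root local process could bind, which is the risk point 2 describes. The sample config and function names are assumptions of this example; the threshold is read from the Linux `net.ipv4.ip_unprivileged_port_start` sysctl, falling back to the kernel default of 1024.

```python
from pathlib import Path

# Constructed sample config for illustration (not from the original post).
SAMPLE = """\
# moved off 22 to dodge scanners
Port 2222
Port 22
ListenAddress 0.0.0.0
ListenAddress [::1]:8022
"""

def unprivileged_port_start(default=1024):
    """Lowest port a non-root process may bind (Linux sysctl, default 1024)."""
    try:
        return int(Path("/proc/sys/net/ipv4/ip_unprivileged_port_start").read_text())
    except (OSError, ValueError):
        return default

def listen_port(addr):
    """Port from a ListenAddress argument, or None when it carries none."""
    if addr.startswith("["):                       # [host]:port form
        tail = addr.partition("]")[2]
        return int(tail[1:]) if tail[:1] == ":" and tail[1:].isdigit() else None
    host, sep, port = addr.rpartition(":")
    # A bare IPv6 address has several colons and no port.
    return int(port) if sep and ":" not in host and port.isdigit() else None

def sshd_ports(config_text):
    """Ports sshd would listen on according to Port / ListenAddress lines."""
    ports, listen = [], []       # listen: one entry per ListenAddress (port or None)
    for raw in config_text.splitlines():
        words = raw.split("#", 1)[0].replace("=", " ").split()
        if len(words) < 2:
            continue
        key, arg = words[0].lower(), words[1]
        if key == "port" and arg.isdigit():
            ports.append(int(arg))
        elif key == "listenaddress":
            listen.append(listen_port(arg))
    used = {p for p in listen if p is not None}
    # Port-less addresses (or no ListenAddress at all) use every Port; default is 22.
    if not listen or None in listen:
        used.update(ports or [22])
    return sorted(used)

def risky_ports(config_text, threshold=None):
    """Listening ports a non-root local process could bind instead of sshd."""
    threshold = unprivileged_port_start() if threshold is None else threshold
    return [p for p in sshd_ports(config_text) if p >= threshold]
```

Run `risky_ports(Path("/etc/ssh/sshd_config").read_text())` on a host to check its own configuration; an empty list means every sshd listener sits on a port that needs root or CAP_NET_BIND_SERVICE to bind.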
3) Linux is secure because it's not targeted.
LMFAO. The majority of the Internet is run on Unix/Linux, so drop the target audience! But seeing all the web app exploits these days is showing, IMHO, that yes, users are a major compromise entry point, but the OS still controls/contains the spread.
Arguably yes, the user is possibly at fault and the cause, but Linux, depending on the distro, is IMHO easier to use than Windows these days?
4) Windows is only insecure as it's widely targeted and because of user exploitation.
Let's look at an example: a Windows user visits a watering hole, probably compromised as that's the target audience. We have root!
No user interaction would have been required to exploit the above method. Take the recently patched, but unpatched in Win 2k3 (and never will be), Active Directory SMB exploit: imagine the damage!
Now a Linux user visits the same site, bam.
We have the limits of a user, confined to a limited section of the OS (this is where user exploitation comes in). Yeah, you could write a shell script to their home directory, and then what? It's only going to do anything if the user is fooled or another method of execution is elevated, but then user limitation and SELinux/AppArmor step in!
Windows was initially designed as a single-user OS with no network connectivity (full of design flaws).
Unix/Linux was designed for, and still dominates, supercomputers; it was designed for network connectivity as well as multiple users (a lot of the design flaws in Windows don't exist)!
Which is more secure?