Some myths in computer security and why Linux is more secure than Windows!
Another of my rants after recently speaking to a Windows sysadmin about computer security (they need to wake up).
1) Obfuscation isn't good
Yes it is, in profiling a target, i.e. a port scan of a target doesn't return anything on port 22? A bot/worm/automated or any scan of ranges wouldn't find your server.
Yes, it's bad if it's your only defence mechanism; security, especially computer security, should always be enhanced by layers (the more you have to peel!).
How many security levels are there in Windows? Antivirus: OK, so we detected a KNOWN SIGNATURE, or the not so good/bad heuristics has detected a kernel injection?
IMHO the Windows kernel is badly written (the core of Windows; this is also IMHO from the weakness I have seen in Windows). An OS is built on its kernel. You ever wondered why Windows needs rebooting a lot! I upgraded a box the other day; it needed a reboot to install an update before all the other updates could be installed! Then three hours later 😀 it finished! It could be a closed source issue (no communication between departments?), meh. Windows would need a total rewrite to fix (just like the recent SMB sploit for 2k3!).
Then what options do you have? I haven't in quite a while (hope I never have to) had to secure a Windows box (so correct me if I'm wrong, there may be/is open source ports of the IDS and security tools available on Linux for Windows).
2) Changing your SSH port is bad.
I've seen some researchers who have said changing your SSH port is bad; although partly true, this is also partly bullshit.
You shouldn't change your port to a non-privileged port (anything higher than 1024) because a non-root user can listen on a non-privileged port.
i.e. a web application gets compromised and enables write access to the htdocs; the compromised htdocs can now listen on 2222!
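A check for the point above, as an added example that is not part of the original post: it parses the global section of an sshd_config and reports any SSH listening port that a non-root process could also bind. It assumes the Linux default `net.ipv4.ip_unprivileged_port_start` of 1024; the function names and the sample config are made up for illustration.

```python
import re

# Linux default for net.ipv4.ip_unprivileged_port_start: ports below it need
# root or CAP_NET_BIND_SERVICE to bind, ports at or above it do not.
DEFAULT_UNPRIV_START = 1024

# Constructed sample config, not taken from a real host.
SAMPLE_CONFIG = """\
# Port 22
Port 2222
port 222
ListenAddress 0.0.0.0:8022
ListenAddress [::]:22
ListenAddress 10.0.0.5
Match User backup
    PasswordAuthentication no
"""

def effective_ports(config_text):
    """Ports the global section of an sshd_config makes sshd listen on.
    Include files are not followed (simplification for this example)."""
    port_opts, listen_ports = [], []
    seen_listen = bare_listen = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        arg = parts[1].split()[0].strip('"') if len(parts) > 1 and parts[1].strip() else ""
        if key == "match":
            break  # global directives end at the first Match block
        if key == "port" and arg.isdigit():
            port_opts.append(int(arg))
        elif key == "listenaddress":
            seen_listen = True
            m = re.fullmatch(r"\[[^\]]*\]:(\d+)|[^:\[\]]+:(\d+)", arg)
            if m:
                listen_ports.append(int(m.group(1) or m.group(2)))
            else:
                bare_listen = True  # no port given: falls back to Port options
    ports = set(listen_ports)
    if bare_listen or not seen_listen:
        ports.update(port_opts or [22])  # sshd default is port 22
    return sorted(ports)

def unprivileged_ports(config_text, unpriv_start=DEFAULT_UNPRIV_START):
    """SSH ports that a non-root process could also bind."""
    return [p for p in effective_ports(config_text) if p >= unpriv_start]

if __name__ == "__main__":
    print(unprivileged_ports(SAMPLE_CONFIG))
```

On a real host, pass the contents of the sshd_config file and the value read from `/proc/sys/net/ipv4/ip_unprivileged_port_start` as `unpriv_start`.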
3) Linux is secure because it's not targeted.
LMFAO. The majority of the Internet is run on Unix/Linux, so drop the target audience! But seeing all the web app exploits these days is showing, IMHO, yes, users are a major compromise entry point, but the OS still controls/contains the spread.
Arguably yes, the user is possibly a fault and cause, but Linux, depending on distro, is IMHO easier to use than Windows these days?
4) Windows is only insecure as it's widely targeted and user exploitation.
Let's look at an example: a Windows user visits a watering hole, probably compromised as that's the target audience. We have root!
No user interaction would have been required to exploit the above method. The recently patched but unpatched in Win 2k3 (and never will be) Active Directory SMB exploit, imagine the damage!
Now a Linux user visits the same site, bam.
We have the limit of a user to a limited section of the OS (this is where user exploitation comes in). Yeah, you could write a shell script to their home directory, and then what? It's only going to do anything if the user is fooled or another method of execution is elevated, but then steps in user limitation and SELinux/AppArmor!
Windows was initially designed as a single-user OS with no network connectivity (full of design flaws).
Unix/Linux was designed for and still dominates supercomputers; it was designed for network connectivity as well as multi-user (a lot of the design flaws in Windows don't exist)!
Which is more secure?
Excuse my grammar I write more code than English.