Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



More Attacks on Linux than Windows

superdk Re:Only attacks that are noticed can be recorded (412 comments)

I work for a CLEC (phone company) that provides T1s data and voice. Most of the time we provide a router and manage it ourselves. You would not believe how many admins/IT departments don't know that their windows boxes have been compromised. Someone says their internet is slow, a ticket comes to my group, we look at the traffic going across the router and sure enough, some box inside the network is scanning subnets on a specific TCP or UDP port.

we've got the webserver worms scanning on port 80...
then there's a nice SQL hack out there that scans on 1433
there's a netbios hack which scans 139
and there are a few other obscure hacks for some other servces which aren't used too much

in the last year of doing this job, i saw one guy with a linux box and an old, unpatched version of Bind. his box was scanning on port 53 of course.

why do i see so many windows boxes that are hacked/infected? mainly because most people don't know to use anything else!! beyond that they don't manage the boxes like they should (patches, updates...) and on top of that, they don't know when it's been compromised. poor management and lax security practices cause a BIG part of the problem. the correlation most people make is "windows = poor security" when they should be saying "admin-who-doesn't-understand-anything-but-point-a nd-click = poor security"

now i'm not a windows advocate, but for crying out loud, if a windows admin keeps up with patches and updates and keeps logs and does all the right stuff, he'll most likely be ok. on the other hand, if a linux admin installs the box and leaves it hanging out on the internet, he's going to have problems.

more than 12 years ago


superdk hasn't submitted any stories.


superdk has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?