LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-19-2006, 03:31 PM   #1
Chayann Dutta
LQ Newbie
 
Registered: May 2006
Posts: 3

Rep: Reputation: 0
Linux more secure than windows


Hello,
Can anybody plz tell me how and why linux security feature is more robust than Windows.
thanx
 
Old 06-19-2006, 03:35 PM   #2
b0uncer
Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
One great reason is, for a while anyway, that most of the badass OS-crackers aim their attacks against Windows. And that Linux is "newer software" than Windows, and has learnt of some mistakes made in Windows, and is based on a totally different platform, which is why the "old" windows-diseases won't affect it that much.

It is certain, though, that no matter how robust the security of Linux is, some day when Windows goes out of the lights and the crackers' heads turn at Linux, the penguin-friendly OS will be as full of holes as Windows is today. Well, maybe not that much since Linux has more coders around the world than MS does, but that will not mean Linux is the ultimate OS that will keep on being a virus-free, problem-free, ultra-secure and totally-nice pack of goodies forever.
 
Old 06-19-2006, 06:18 PM   #3
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Lubuntu
Posts: 19,176
Blog Entries: 4

Rep: Reputation: 430Reputation: 430Reputation: 430Reputation: 430Reputation: 430
Moved: This thread is more suitable in Linux-Security and has been moved accordingly to help your thread/question get the exposure it deserves.
 
Old 06-24-2006, 09:44 PM   #4
evilDagmar
Member
 
Registered: Mar 2005
Location: Right behind you.
Distribution: NBG, then randomed.
Posts: 480

Rep: Reputation: 31
That's just a silly argument. More eyes don't make more holes any more than more firefighters make more fires.
 
Old 06-24-2006, 10:38 PM   #5
fedora4002
Member
 
Registered: Mar 2004
Posts: 135

Rep: Reputation: 15
You can never make a claim like that.
 
Old 06-26-2006, 03:23 AM   #6
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
Quote:
Originally Posted by b0uncer
One great reason is, for a while anyway, that most of the badass OS-crackers aim their attacks against Windows.
Actually, it may be the other way around... Linux machines may be attractive targets as they can be expected to be online at all times. They have a compiler, a shell and just everything they could want to command IRC bots, to download and (re)compress stuff or whatever.
 
Old 06-26-2006, 04:23 AM   #7
SlackDaemon
Member
 
Registered: Mar 2006
Distribution: RedHat, Slackware, Experimenting with FreeBSD
Posts: 222

Rep: Reputation: 30
Linux still is (and IMHO always will be) more secure than windows as it has many in-built security features in place. For instance even if a linux machine is hacked, you would specifically need to have access to a privileged account to have any serious affect on the system. The permissions system on Windows OS is relatively easier to bypass.

Plus if a system admin implements additional security features such as extended attributes, ACLs and SELinux policies you will be hard pressed to find a comparably safer OS around.

I have to agree with b0uncer though. The more popular an OS gets the more attention it gets from the hacker community.
 
Old 06-26-2006, 08:19 AM   #8
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
Quote:
That's just a silly argument. More eyes don't make more holes any more than more firefighters make more fires.
As advocate of the devil:
just like Windows is buggy, Linux is buggy too. In fact, any piece of software is likely to be buggy at some point.
More eyes don't MAKE more holes, but they do SEE (ie detect) more holes.
The holes are most likely there ALREADY, they don't have to be made...

Luckily for Linux, the huge open source community is backing it up, making bugfixes and patches come out faster. Hence, it'll beat Windooz anyday...

As for windows, there are more disadvantages as well:
-as said, it keeps building on the same platform, which was initially really crappy. So, yes, it is getting better, but it'll take time.
-it is often over-complicated and too heavy. Most of this comes from the M$ policy of "keep the system admins dumb and the users dumber". Their whole security concept (user - power user - administrator - system) is a nice example.
On the other hand, it does have it's advantages too.

But that's just my opinion...
 
Old 06-26-2006, 08:39 AM   #9
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
Quote:
Originally Posted by SlackDaemon
I have to agree with b0uncer though. The more popular an OS gets the more attention it gets from the hacker community.
You're making a flawed assumption about causality based on the wrong statistics and you aren't saying about which type of "attention" a popular OS is getting and the consequences. Simply put, a high number of vulnerable machines is just a quantitative measure that you can't mix to conclude that "they get more attention". Pure and simple statistics. You understimate these facts that do have a real influence:
1- Any poorly designed OS is more likely to be hit by exploits. This variable alone makes possible the number of casualties each time it happens.
2- Windows has no more attentions than any other system if you look at the number of advisories by people doing vulnerality research.
3- Computer (in)security is business to some.
4- Enterprises may be the most worstly hit financially. Computer security is not about desktop users alone.

Last edited by primo; 06-26-2006 at 08:41 AM.
 
Old 06-27-2006, 08:06 AM   #10
b0uncer
Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
Quote:
Linux still is (and IMHO always will be) more secure than windows as it has many in-built security features in place. For instance even if a linux machine is hacked, you would specifically need to have access to a privileged account to have any serious affect on the system. The permissions system on Windows OS is relatively easier to bypass.
So was Troy.

What if the newbie didn't know how to use those features correctly? What if the newbie just wanted to access his other disk/partition, and got bored wondering which permissions worked and did some chmod a+rwx's, added everybody to the auto-sudo-group and finally opened some good-looking Desktop Remote Control doors just to show to all the good friends of the newbie that even newbies can get a good-looking desktop? Ok, that was quite a nightmare vision, but it happens. I hear all the time questions about how to get this and that working when the permissions are insufficient, and the hurry-most people do advice them to give quite plenty of permissions. On Windows people know viruses already, they know the trojans, they know if you put the ZoneAlarm, McAfee, F-Secure and Symantec icons blinking beside the clock you're safe. Many times people do know how to protect Windows better, despite it's flaws. On Linux it's not that simple most of the time. Even if you had a shield..do you know how to rise it so it protects you and not make you trip?

You're just overestimating Linux and yourselves. In the last hand it's human that's doing the work.

Last edited by b0uncer; 06-27-2006 at 08:15 AM.
 
Old 06-27-2006, 09:06 AM   #11
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: France
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 61
A bit old (2004) but may interest you:
http://www.theregister.co.uk/securit...dows_vs_linux/

Yves.
 
Old 06-27-2006, 01:07 PM   #12
Wintceas
LQ Newbie
 
Registered: Sep 2004
Location: Brazil
Distribution: Slackware - Debian
Posts: 26

Rep: Reputation: 15
Quote:
Originally Posted by b0uncer
So was Troy.

What if the newbie didn't know how to use those features correctly? What if the newbie just wanted to access his other disk/partition, and got bored wondering which permissions worked and did some chmod a+rwx's, added everybody to the auto-sudo-group and finally opened some good-looking Desktop Remote Control doors just to show to all the good friends of the newbie that even newbies can get a good-looking desktop? Ok, that was quite a nightmare vision, but it happens. I hear all the time questions about how to get this and that working when the permissions are insufficient, and the hurry-most people do advice them to give quite plenty of permissions. On Windows people know viruses already, they know the trojans, they know if you put the ZoneAlarm, McAfee, F-Secure and Symantec icons blinking beside the clock you're safe. Many times people do know how to protect Windows better, despite it's flaws. On Linux it's not that simple most of the time. Even if you had a shield..do you know how to rise it so it protects you and not make you trip?

You're just overestimating Linux and yourselves. In the last hand it's human that's doing the work.
Windows is inherently insecure. Linux isn't. If a lazy or novice user misuses the system, it's not its fault. We couldn't say the same about Windows. No matter how you are advanced and experienced, the better you can do it's to manage risks, worry all the time trying to stay updated with patches, in the case they're released by Microsoft, a thing seldom done swiftly BTW, and lose your hair and sleep in the process.

Last edited by Wintceas; 06-27-2006 at 01:08 PM.
 
Old 06-27-2006, 01:39 PM   #13
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 53
The problem is the chair-keyboard interface
Put a monkey on OpenBSD and his machine will get hacked.


Ok the security patches arrive quicker in Linux and more are discovered (more eyes) but sometimes people don't install them.

Somebody who knows window very well will not get hacked more than somebody who doesn't know linux.
 
Old 06-28-2006, 12:32 AM   #14
SlackDaemon
Member
 
Registered: Mar 2006
Distribution: RedHat, Slackware, Experimenting with FreeBSD
Posts: 222

Rep: Reputation: 30
Quote:
On Windows people know viruses already, they know the trojans, they know if you put the ZoneAlarm, McAfee, F-Secure and Symantec icons blinking beside the clock you're safe. Many times people do know how to protect Windows better, despite it's flaws.
While this is true, wouldn't it also be fair to say that a windows user needs to be smarter to protect themselves from (the numerous) dangers that affect windows. Using anti-virus and anti-spyware applications does not ensure protection. At the rate new exploits and malware come out for windows, you would have to update these apps on a regular basis (and even then the rate still exceeds these updates on occassion).

On the other hand the majority of attacks on Linux/UNIX based systems (besides DoS) are mainly focused on infiltration as opposed to the destructive nature of most windows based attacks. The default security policies set on Linux installations are more often than not, sufficient to ward against these attacks.

A case in point:
How many cases of virus, trojan, and spyware difficulties have been posted on this forum since it began? The few that are around refer to Lord Somer's LRK series which again leans towards securing an infiltration rather than a direct attempt to freeze a system.

Quote:
Windows has no more attentions than any other system if you look at the number of advisories by people doing vulnerality research.
I disagree. If you take a look at the number of exploits and malware targeted towards windows and compare it to the same for all other operating systems combined you'll get a pretty good picture of where windows stands right now.
You could point out that there are individuals that focus more on UNIX/Linux systems since they don't see windows as much of a challenge (eg- the majority of contributors to Phrack Magazine). However, these groups are again the black sheep in the family.

The organization I work at occasionally provides network setup services for it's larger corporate clients. I have completely given up on configuring windows based servers for these clients since it is a costly business keeping them secure. From personal experience someone will have to visit an organization using windows every few months, whereas one using Linux/UNIX can go on for years on end without a glitch. Most of the latter can be handled remotely as well.

*EDIT*
PS - That was a good article sited by theYinYeti. What it fails to point out however is that in the enterprise an infiltration into the DMZ is often just an attempt to attack the internal network (which is predominantly windows based in the majority of cases). Why do you think most of the anti-virus apps for Linux are targetted towards the mail, samba and ftp services? Its an irony that the first line of defence for a windows network depends on a Linux or UNIX variant.

Last edited by SlackDaemon; 06-28-2006 at 01:18 AM.
 
Old 06-28-2006, 02:47 PM   #15
b0uncer
Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
Quote:
While this is true, wouldn't it also be fair to say that a windows user needs to be smarter to protect themselves from (the numerous) dangers that affect windows. Using anti-virus and anti-spyware applications does not ensure protection. At the rate new exploits and malware come out for windows, you would have to update these apps on a regular basis (and even then the rate still exceeds these updates on occassion).
No, smartness is just what is not needed. People who use Windows and programs for it, only need - most of the time - either not care or press the big green button saying "Press Me To Be Safe", whereas Linux users still need to stick with the good old command line tools that not all the newbies know how to use efficiently. I'll say it again: a person who knows what s/he's doing on a Windows machine can make it safer than a Linux distribution he's not familiar with.

The updating is another thing; nearly all the Windows apps do the updating automatically with no user interaction needed. No smart-asses needed here. And there is this other thing too, now that we talk about being smart: how many times has iptables asked you whether or not you wish to kick a cracker out of your system? Or some other "Linux built-in/pre-installed system"? I'm saying to keep your system safe but usable you'll need to do a lot of work with a Linux box, but Windows on the other hand can help you out there. Windows provides tools for those who know what they're doing and newbies, Linux isn't that newbie-friendly, not even today with all the nice gui apps and automated stuff.

That got a bit off the topic, but I hope you'll still read it and think it. Linux still needs to evolve, before it's too late; if Windows died tomorrow, I would consider enforcing my security settings. Part of Linux's security illusion is surely caused by the fact that Windows is more interesting a target for some than Linux is. And that could change.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How secure is Linux compared to windows? bongski55 Linux - Security 18 09-19-2005 07:23 PM
Is Linux Truly More Secure than Windows? Nukem General 18 09-24-2004 09:54 AM
Linux vs windows? which is more secure? giovannym Linux - Security 5 08-05-2004 10:14 PM
Windows vs Linux, which is more secure? giovannym Linux - Newbie 5 08-05-2004 04:12 PM
Windows more secure than linux? Kage Linux - Security 7 02-12-2002 07:51 AM


All times are GMT -5. The time now is 12:37 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration