Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hello friends
i am still a newbie. i just wanted to know why is linux better than windows on basis of security and services (pls exclude the opensource)...
if so wat makes it so ? if not why?
pls could ny one tell me bout some sites wer i can bag details........
Distribution: FC1, Gentoo, Mdk 8.1, RH7-8-9, Knoppix, Zuarus rom 3.13
Posts: 98
Rep:
What the heck. I'll bite.
I won't go down the road of which is better but I will share some observations and you decide for yourself.
It's my experiance that in Windows the majority of services must run as local system or as administrator to function properly. This is one of the reasons why if a MS SQL database is compromised it's a big deal. You not only have the database but you also have admin on the windows box it runs on. In linux this is generally not the case. Services such as SSH, Oracle, Sybase, Samba, etc do not run as root. They are set to run as a user level account.
Also internally Windows is more complex. The user interface is wonderfully simple and friendly but all the work that goes behind that makes the internals intricake and complicated. Conversely Linux is not nearly as complex in how kernel level / daemon level events are traded. The more complex a system the more places things can occure that were not intended by the programers. But don't take my word on this. Just ask the CEO of Check Point firewall.
As far as funcionality of services etc. It's worthy considering the development base. I know you said don't ref to opensource and in a way this isn't.. but there are far more developers working on improvements and functionality to linux services than there are in Redmond, WA.
Linux is only the kernel.. everthing else -is- opensource software.
sibu_rajappan, asking a question about security and not being allowed to discuss open/closed nature of software is a bit like asking the Pope to talk about religion but without mentioning Catholicism.
I seem to remember reading somewhere (I think it may have been a disgruntled ex-employee of Microsoft, but don't let that sway your judgement of his story) that Microsoft Windows 2000 Server had an incredible (at the time) 300-odd serious security bugs submitted for fixing in Service Pack 1. When Service Pack 1 came out it (apparently) claimed to fix about 250-ish serious security bugs... of which (again, apparently) only about 15 to 20 were of the original 300.
Now if this is true, I think it speaks for itself as to the effectiveness of a closed-source approach to security fixes in software.
I also seem to recall that one of the major points for closed source development is that open source has a "greater number" of bugfixes than does closed source software... but they often neglect to mention that the number of bug fixes available does not necessarily equate to the number of exploitable bugs.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.