Re: [OT] M$ collaborates with Suse



On Fri, Nov 10, 2006 at 08:10:08AM -0500, Stephen Yorke wrote:

> M$'s OS is ready...if you want some WWW Sites or servers which you think
> you can hack or take down let me know and I will setup a couple and let
> you go at it. If you hack them cool tell me how I can better my
> security if not score one for M$ and let it be.
>
> Just remember this...your OS is only as secure as you are and if you do
> not know how to secure it you shouldn't be using it.


The main problem is that Windows' design facilitates bad security
practices. I agree that a competent admin can make a Windows server
just as secure as anything else. However, if you set up a Windows server
with IIS, what is the most likely method to let people get access to
their web space? Probably FrontPage or ftp. Does FrontPage use SSL?
I know for certain that ftp does not. If you set up a *nix server it is
trivial to give users sftp in lieu of ftp (and many GUI Windows clients
which support ftp also support sftp).

What about secure administration? AFAIK, the remote administration
options for Windows, including the offerings from Novell and others, all
operate in the clear. The presence of a real shell in *nix systems
allows me to do things like set up an ssh server, only allowing
shell access to specific users, restricting access to public keys only.
Then, on my admin workstation, I script what I need done, and then I can
trivially accomplish the tasks on multiple servers securely. Doing such
a thing is difficult, if not impossible, in the Windows world.

The difficulty of being *very* secure in the Windows world and still
being able to work is such that many admins take shortcuts or reduce
security out of convenience. In the *nix world it is possible to be
very secure and still be able to work nearly as easily and conveniently
as if you are not secure at all.

Regards,

-Roberto

--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com
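
The ssh setup described in the message above (shell access for specific users, public keys only) can be checked mechanically. This is an added example, not part of the original post; the function names, user names and sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example: check an sshd_config for "specific users only, public keys
# only". Simplifications (assumptions): only the global section before the
# first Match block, no Include files, whitespace-separated "Keyword value".

# Print the first global value of keyword $2 in file $1. sshd keeps the
# first value it reads for a keyword; keywords are case-insensitive.
sshd_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*(#|$)/ { next }                 # comments and blank lines
        tolower($1) == "match" { exit }         # global section ends here
        tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# Print one line per finding; return 0 only if the posture holds.
audit_sshd() {
    cfg=$1; bad=0
    # When a keyword is absent, OpenSSH defaults apply: password and
    # keyboard-interactive authentication are enabled, any user may log in.
    pw=$(sshd_value "$cfg" PasswordAuthentication)
    kbd=$(sshd_value "$cfg" KbdInteractiveAuthentication)
    [ -n "$kbd" ] || kbd=$(sshd_value "$cfg" ChallengeResponseAuthentication)
    pk=$(sshd_value "$cfg" PubkeyAuthentication)
    users=$(sshd_value "$cfg" AllowUsers)
    [ "${pw:-yes}" = no ]  || { echo "WEAK: PasswordAuthentication is not 'no'"; bad=1; }
    [ "${kbd:-yes}" = no ] || { echo "WEAK: keyboard-interactive is not 'no'"; bad=1; }
    [ "${pk:-yes}" = yes ] || { echo "WEAK: PubkeyAuthentication is disabled"; bad=1; }
    [ -n "$users" ]        || { echo "WEAK: no AllowUsers list"; bad=1; }
    [ "$bad" -eq 0 ] && echo "OK: key-only logins for: $users"
    return "$bad"
}

# Constructed sample configs written into directory $1. The trailing
# "PasswordAuthentication yes" in hard.conf is ignored (first value wins).
write_samples() {
    printf '%s\n' '# constructed: stock-like config' 'Port 22' \
        'PasswordAuthentication yes' > "$1/weak.conf"
    printf '%s\n' '# constructed: hardened config' 'passwordauthentication no' \
        'KbdInteractiveAuthentication no' 'PubkeyAuthentication yes' \
        'AllowUsers admin deploy' 'PasswordAuthentication yes' > "$1/hard.conf"
}

tmp=$(mktemp -d) && write_samples "$tmp"
audit_sshd "$tmp/hard.conf"; audit_sshd "$tmp/weak.conf" || true; rm -rf "$tmp"
```

On a live server, `sshd -T` prints the effective configuration, including Match and Include handling that this file-level check skips.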
