In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam says...

> Actually it's probably a bit of both. Straight hacking a random Linux

> box, good luck. It's when things like root-kits somehow get installed

> (usually by a clueless admin being fooled by some advert on the web,

> irc, etc) that's the big cause of infiltrations. This is true of any OS

> that can be accessed remotely.

 

But that fits the target audience for Ubuntu, clueless users running as

root.

 

--

 

Leythos

- Igitur qui desiderat pacem, praeparet bellum.

- Calling an illegal alien an "undocumented worker" is like calling a

drug dealer an "unlicensed pharmacist"

spam999free@rrohio.com (remove 999 for proper email address)

Leythos wrote:

> In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam

> says...

>> Actually it's probably a bit of both. Straight hacking a random Linux

>> box, good luck. It's when things like root-kits somehow get installed

>> (usually by a clueless admin being fooled by some advert on the web,

>> irc, etc) that's the big cause of infiltrations. This is true of any

>> OS that can be accessed remotely.

>

> But that fits the target audience for Ubuntu, clueless users running

> as root.

 

 

And how is that true? If any system almsot forces you to run as admin

(to really do anything useful) it's Windows. I don't know of an OS with

more clueless people.

In article <5ijn0fF3pja2bU1@mid.individual.net>,

louisREMOVE@REMOVEh4h.com says...

> Leythos wrote:

> > In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam

> > says...

> >> Actually it's probably a bit of both. Straight hacking a random Linux

> >> box, good luck. It's when things like root-kits somehow get installed

> >> (usually by a clueless admin being fooled by some advert on the web,

> >> irc, etc) that's the big cause of infiltrations. This is true of any

> >> OS that can be accessed remotely.

> >

> > But that fits the target audience for Ubuntu, clueless users running

> > as root.

>

>

> And how is that true? If any system almsot forces you to run as admin

> (to really do anything useful) it's Windows. I don't know of an OS with

> more clueless people.

 

And those same clueless people hear about a new, great, security driven,

OS that's free and they make the same mistakes that make in Windows -

they run as Root, download anything, compromise their machines, etc...

 

I've been using PC's since the 70's, never had a virus/malware on any of

My Own computers, never, and that includes about every OS on the market

and some that weren't, so it's not the OS, they all have flaws, it's the

idiots that fall for the marketing crap that tells them this OS will

keep them from getting hacked....

 

--

 

Leythos

- Igitur qui desiderat pacem, praeparet bellum.

- Calling an illegal alien an "undocumented worker" is like calling a

drug dealer an "unlicensed pharmacist"

spam999free@rrohio.com (remove 999 for proper email address)

Leythos wrote:

> In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam says...

>> Actually it's probably a bit of both. Straight hacking a random Linux

>> box, good luck. It's when things like root-kits somehow get installed

>> (usually by a clueless admin being fooled by some advert on the web,

>> irc, etc) that's the big cause of infiltrations. This is true of any OS

>> that can be accessed remotely.

>

> But that fits the target audience for Ubuntu, clueless users running as

> root.

>

Ubuntu, by default, does not run as root. The only default way to gain

root is as superuser, and that access is limited only to the person that

creates the original user account. And the original user is the only one

that can create secondary accounts with ANY privileges. In other words,

clueless users running as root is very much an oxymoron.

 

--

norm

norm wrote:

> Leythos wrote:

>

>> In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam says...

>>

>>> Actually it's probably a bit of both. Straight hacking a random Linux

>>> box, good luck. It's when things like root-kits somehow get installed

>>> (usually by a clueless admin being fooled by some advert on the web,

>>> irc, etc) that's the big cause of infiltrations. This is true of any

>>> OS that can be accessed remotely.

>>

>>

>> But that fits the target audience for Ubuntu, clueless users running

>> as root.

>>

> Ubuntu, by default, does not run as root. The only default way to gain

> root is as superuser, and that access is limited only to the person that

> creates the original user account. And the original user is the only one

> that can create secondary accounts with ANY privileges. In other words,

> clueless users running as root is very much an oxymoron.

>

 

Administrator is disabled by default in Vista.

Frank

On Thu, 16 Aug 2007 13:43:23 -0500, thetruthhurts wrote:

> On Thu, 16 Aug 2007 11:11:07 -0700, "Saran" <none@nospam> wrote:

>

> Unix and Linux have far fewer wholes to be

>>exploited by Windows and last I checked, are not exactly the easiest to

>>hack into.

>

> Is that really true or is just a lot fewer people are trying to hack

> them?

 

I believe it really is true. The security model is completely different.

But, for practical purposes, does it really matter?

Lang Murphy wrote:

> <snip>

>

>> The article seems to suggest that the machines in question were

>> extremely poorly maintained and running outdated versions of the OS.

>

> And that doesn't happen with regularity in the real world? You think

> this is an extreme exception?

>

> Lang

 

 

Not in the least, not me anyway.

"Mr. Arnold" <MR. Arnold@Arnold.com> wrote in message

news:%23NTPNiD4HHA.4672@TK2MSFTNGP05.phx.gbl...

>

> <snipped>

>

>> I guess it depends if the admins actually do their job as maintainers. If

>> they don't, it's no one's fault but their own.

>>

>>> You think this is an extreme exception?

>>

>> For live servers, yes I do. Any properly maintained live server (like

>> those in data centers used by hosting companies) should fall prey to such

>> attacks if the admins do their jobs. If they do then someone wasn't

>> taking care of things.

>

> What you have said up above there makes no sense whatsoever.

>

> The bottom line is no matter what it is, as long as Human Beings are

> involved with it in some kind of way there is always going to

> vulnerabilities.

 

That's basically what he said. It was the admins who were at fault in this

case.

Kerry Brown wrote:

> "Charlie Tame" <charlie@tames.net> wrote in message

> news:eYk2p163HHA.1824@TK2MSFTNGP04.phx.gbl...

>> Richard Urban wrote:

>>> So much for Linux (Ubuntu) being bullet proof.

>>>

>>> Ubuntu servers hijacked. Used to launch attack.

>>>

>>> http://www.eweek.com/article2/0,1895,2171318,00.asp

>>>

>>> People have been saying right along that ***ALL*** operating systems

>>> are vulnerable!

>>>

>>

>>

>>

>> If you thought otherwise then it only exposes a deplorable lack of

>> knowledge on your part.

>>

>> The article seems to suggest that the machines in question were

>> extremely poorly maintained and running outdated versions of the OS.

>

>

> If Canonical can't maintain a Linux server who can? Can you imagine the

> outcry if Microsoft's server's were hacked because they hadn't kept them

> up to date? I totally agree that the reason this happened is because the

> servers were out of date but it is ironic that they were servers run by

> Canonical. It is more a statement of how important it is to stay up to

> date with patches than anything else. The OS is really irrelevant.

>

 

 

Absolutely in agreement, and yes it is ironic, someone needs their

backside kicked to be honest, but you made the important point that the

OS is not relevant at all.

"Frank" <fb@nospaner.cnm> wrote in message

news:%23QAcIIC4HHA.948@TK2MSFTNGP06.phx.gbl...

> norm wrote:

>> Kerry Brown wrote:

>>

>>> "Charlie Tame" <charlie@tames.net> wrote in message

>>> news:eYk2p163HHA.1824@TK2MSFTNGP04.phx.gbl...

>>>

>>>> Richard Urban wrote:

>>>>

>>>>> So much for Linux (Ubuntu) being bullet proof.

>>>>>

>>>>> Ubuntu servers hijacked. Used to launch attack.

>>>>>

>>>>> http://www.eweek.com/article2/0,1895,2171318,00.asp

>>>>>

>>>>> People have been saying right along that ***ALL*** operating systems

>>>>> are vulnerable!

>>>>>

>>>>

>>>>

>>>>

>>>> If you thought otherwise then it only exposes a deplorable lack of

>>>> knowledge on your part.

>>>>

>>>> The article seems to suggest that the machines in question were

>>>> extremely poorly maintained and running outdated versions of the OS.

>>>

>>>

>>>

>>> If Canonical can't maintain a Linux server who can? Can you imagine the

>>> outcry if Microsoft's server's were hacked because they hadn't kept them

>>> up to date? I totally agree that the reason this happened is because the

>>> servers were out of date but it is ironic that they were servers run by

>>> Canonical. It is more a statement of how important it is to stay up to

>>> date with patches than anything else. The OS is really irrelevant.

>>>

>> Although it doesn't mitigate the situation, it was local communities

>> operating and maintaining the servers, not canonical. See the following:

>> http://www.dslreports.com/forum/r18880277-Ubuntu-servers-hacked-to-attack-others

>

> The linturd zealots always represent that linux can be run totally

> securely by any 6 yr old.

> I guess reality is a difficult thing to accept.

> Frank

 

I don't recall anyone ever sayign that of Linux. Linux is overall more

secure than Windows, but it comes down to who is administrating it.

 

On the other hand, any 6 year old using internet explorer can royally fubar

a Windows system within minutes if not seconds.

Frank wrote:

> norm wrote:

>> Kerry Brown wrote:

>>

>>> "Charlie Tame" <charlie@tames.net> wrote in message

>>> news:eYk2p163HHA.1824@TK2MSFTNGP04.phx.gbl...

>>>

>>>> Richard Urban wrote:

>>>>

>>>>> So much for Linux (Ubuntu) being bullet proof.

>>>>>

>>>>> Ubuntu servers hijacked. Used to launch attack.

>>>>>

>>>>> http://www.eweek.com/article2/0,1895,2171318,00.asp

>>>>>

>>>>> People have been saying right along that ***ALL*** operating

>>>>> systems are vulnerable!

>>>>>

>>>>

>>>>

>>>>

>>>> If you thought otherwise then it only exposes a deplorable lack of

>>>> knowledge on your part.

>>>>

>>>> The article seems to suggest that the machines in question were

>>>> extremely poorly maintained and running outdated versions of the OS.

>>>

>>>

>>>

>>> If Canonical can't maintain a Linux server who can? Can you imagine

>>> the outcry if Microsoft's server's were hacked because they hadn't

>>> kept them up to date? I totally agree that the reason this happened

>>> is because the servers were out of date but it is ironic that they

>>> were servers run by Canonical. It is more a statement of how

>>> important it is to stay up to date with patches than anything else.

>>> The OS is really irrelevant.

>>>

>> Although it doesn't mitigate the situation, it was local communities

>> operating and maintaining the servers, not canonical. See the following:

>> http://www.dslreports.com/forum/r18880277-Ubuntu-servers-hacked-to-attack-others

>>

>>

>

> The linturd zealots always represent that linux can be run totally

> securely by any 6 yr old.

> I guess reality is a difficult thing to accept.

> Frank

 

 

I'm always happy to criticize anything Frank :)

DanS wrote:

> "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in

> news:ucCM0QB4HHA.3400@TK2MSFTNGP03.phx.gbl:

>

>

>>> The article seems to suggest that the machines in question were

>>> extremely poorly maintained and running outdated versions of the OS.

>>

>> If Canonical can't maintain a Linux server who can? Can you imagine

>> the outcry if Microsoft's server's were hacked because they hadn't

>> kept them up to date? I totally agree that the reason this happened is

>> because the servers were out of date but it is ironic that they were

>> servers run by Canonical. It is more a statement of how important it

>> is to stay up to date with patches than anything else. The OS is

>> really irrelevant.

>

> What's not so irrelevent is the way the 'hack' may have perpetrated.

>

> While no absolute method of hacking was given, no 'exploit', this

> statement was made...

>

> "FTP (not sftp, without SSL) was being used to access the machines, so an

> attacker (in the right place) could also have gotten access by sniffing

> the clear-text passwords," he said.

>

> If that was the method used, there was no 'hacking' or exploit involved,

> as it wouldn't have been some internal deficiency, just simply using an

> existing sniffed login and password.

>

> I've always detested the way Windows Server FTP server could only be

> accesssed by users if they have a l/p in AD.

>

> People have got to remember, basic SMTP, FTP, POP, and NNTP protocols do

> use plain text when sending usernames and passwords.

 

 

Actually a very very valid observation. Once you hand over the car keys

expect to walk home :)

In article <uGEM8yD4HHA.3900@TK2MSFTNGP02.phx.gbl>,

noone@afakeddomain.net says...

> Ubuntu, by default, does not run as root. The only default way to gain

> root is as superuser, and that access is limited only to the person that

> creates the original user account. And the original user is the only one

> that can create secondary accounts with ANY privileges. In other words,

> clueless users running as root is very much an oxymoron.

 

No, since it's being touted as the OS for home users, simple to use,

easy to install, etc... The same target will run as SU all the time,

they were told that you don't need AV, it's not hackable, no security

threats, that's why they will run as root and why they get compromised.

 

 

 

--

 

Leythos

- Igitur qui desiderat pacem, praeparet bellum.

- Calling an illegal alien an "undocumented worker" is like calling a

drug dealer an "unlicensed pharmacist"

spam999free@rrohio.com (remove 999 for proper email address)

Jerry White wrote:

> "Frank" <fb@nospaner.cnm> wrote in message

>> The linturd zealots always represent that linux can be run totally

>> securely by any 6 yr old.

>> I guess reality is a difficult thing to accept.

>> Frank

>

> I don't recall anyone ever sayign that of Linux. Linux is overall more

> secure than Windows, but it comes down to who is administrating it.

>

> On the other hand, any 6 year old using internet explorer can royally fubar

> a Windows system within minutes if not seconds.

 

 

I knew someone once, I swear to God he could have crashed an Abacus...

You miss the sarcasim in the post Charlie!

 

 

 

"Charlie Tame" wrote:

> Richard Urban wrote:

> > So much for Linux (Ubuntu) being bullet proof.

> >

> > Ubuntu servers hijacked. Used to launch attack.

> >

> > http://www.eweek.com/article2/0,1895,2171318,00.asp

> >

> > People have been saying right along that ***ALL*** operating systems are

> > vulnerable!

> >

>

>

>

> If you thought otherwise then it only exposes a deplorable lack of

> knowledge on your part.

>

> The article seems to suggest that the machines in question were

> extremely poorly maintained and running outdated versions of the OS.

>

"Leythos" <void@nowhere.lan> wrote in message

news:MPG.212e70f573e94eb3989830@adfree.Usenet.com...

> In article <5ijn0fF3pja2bU1@mid.individual.net>,

> louisREMOVE@REMOVEh4h.com says...

>> Leythos wrote:

>> > In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam

>> > says...

>> >> Actually it's probably a bit of both. Straight hacking a random Linux

>> >> box, good luck. It's when things like root-kits somehow get installed

>> >> (usually by a clueless admin being fooled by some advert on the web,

>> >> irc, etc) that's the big cause of infiltrations. This is true of any

>> >> OS that can be accessed remotely.

>> >

>> > But that fits the target audience for Ubuntu, clueless users running

>> > as root.

>>

>>

>> And how is that true? If any system almsot forces you to run as admin

>> (to really do anything useful) it's Windows. I don't know of an OS with

>> more clueless people.

>

> And those same clueless people hear about a new, great, security driven,

> OS that's free and they make the same mistakes that make in Windows -

> they run as Root, download anything, compromise their machines, etc...

 

Well in the case of the news story linked at the beginning of this thread,

the systems were not actually hacked. A clueless admin just wasn't keeping

an eye on things. The method was brute force, not hacking (ahem, cracking)

where as windows is routinely exploited through various holes in security.

While Unix and Linux are not immune to that, it's at a far lower frequency,

and problems typically arrise from a hole in a particular

program/service(daemon) that isn't run correctly, and not so much to a hole

i nthe OS's core. In others Linux at the core is far more solid and robust

and far less swiss cheesey than Windows.

Leythos wrote:

> In article <uGEM8yD4HHA.3900@TK2MSFTNGP02.phx.gbl>,

> noone@afakeddomain.net says...

>> Ubuntu, by default, does not run as root. The only default way to gain

>> root is as superuser, and that access is limited only to the person that

>> creates the original user account. And the original user is the only one

>> that can create secondary accounts with ANY privileges. In other words,

>> clueless users running as root is very much an oxymoron.

>

> No, since it's being touted as the OS for home users, simple to use,

> easy to install, etc... The same target will run as SU all the time,

> they were told that you don't need AV, it's not hackable, no security

> threats, that's why they will run as root and why they get compromised.

>

>

>

That is not my understanding nor my experience. You are off base on this

one. Please read the following closely and completely:

https://help.ubuntu.com/community/RootSudo

 

--

norm

"Frank" <fb@nospaner.cnm> wrote in message

news:e2iNr6D4HHA.4400@TK2MSFTNGP06.phx.gbl...

> norm wrote:

>

>> Leythos wrote:

>>

>>> In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam says...

>>>

>>>> Actually it's probably a bit of both. Straight hacking a random Linux

>>>> box, good luck. It's when things like root-kits somehow get installed

>>>> (usually by a clueless admin being fooled by some advert on the web,

>>>> irc, etc) that's the big cause of infiltrations. This is true of any OS

>>>> that can be accessed remotely.

>>>

>>>

>>> But that fits the target audience for Ubuntu, clueless users running as

>>> root.

>>>

>> Ubuntu, by default, does not run as root. The only default way to gain

>> root is as superuser, and that access is limited only to the person that

>> creates the original user account. And the original user is the only one

>> that can create secondary accounts with ANY privileges. In other words,

>> clueless users running as root is very much an oxymoron.

>>

>

> Administrator is disabled by default in Vista.

 

Actually most preinstalled systems (hp, etc) have accounts with

administrative priviliages (or at least you don't need to need a user/pass

when you're prompted to do this or that...)

 

And fresh installs, even if you aren't using admin, you need admin

credientials to do a lot of things, where as on linux you can setup

predetermined commands and such lower users can use (eg sudo and such.)

"Charlie Tame" <charlie@tames.net> wrote in message

news:uAEfhDG4HHA.4184@TK2MSFTNGP06.phx.gbl...

> Lang Murphy wrote:

>> <snip>

>>

>>> The article seems to suggest that the machines in question were

>>> extremely poorly maintained and running outdated versions of the OS.

>>

>> And that doesn't happen with regularity in the real world? You think this

>> is an extreme exception?

>>

>> Lang

>

>

> Not in the least, not me anyway.

 

Properly maintained server farms would never allow someone the time to brute

force. "Happening with regularity" seems to apply more to home users who

don't know how to maintain their systems, and not so much to large server

farms.

Jerry White wrote:

>

> I don't recall anyone ever sayign that of Linux.

 

Then you must either be a newbie or else suffering from extreme memory loss.

Search this ng (if you know how) and I'm sure you'll find that reference

from out resident and/or former linux as*holes.

Frank

Charlie Tame wrote:

> Frank wrote:

>

>> norm wrote:

>>

>>> Kerry Brown wrote:

>>>

>>>> "Charlie Tame" <charlie@tames.net> wrote in message

>>>> news:eYk2p163HHA.1824@TK2MSFTNGP04.phx.gbl...

>>>>

>>>>> Richard Urban wrote:

>>>>>

>>>>>> So much for Linux (Ubuntu) being bullet proof.

>>>>>>

>>>>>> Ubuntu servers hijacked. Used to launch attack.

>>>>>>

>>>>>> http://www.eweek.com/article2/0,1895,2171318,00.asp

>>>>>>

>>>>>> People have been saying right along that ***ALL*** operating

>>>>>> systems are vulnerable!

>>>>>>

>>>>>

>>>>>

>>>>>

>>>>> If you thought otherwise then it only exposes a deplorable lack of

>>>>> knowledge on your part.

>>>>>

>>>>> The article seems to suggest that the machines in question were

>>>>> extremely poorly maintained and running outdated versions of the OS.

>>>>

>>>>

>>>>

>>>>

>>>> If Canonical can't maintain a Linux server who can? Can you imagine

>>>> the outcry if Microsoft's server's were hacked because they hadn't

>>>> kept them up to date? I totally agree that the reason this happened

>>>> is because the servers were out of date but it is ironic that they

>>>> were servers run by Canonical. It is more a statement of how

>>>> important it is to stay up to date with patches than anything else.

>>>> The OS is really irrelevant.

>>>>

>>> Although it doesn't mitigate the situation, it was local communities

>>> operating and maintaining the servers, not canonical. See the following:

>>> http://www.dslreports.com/forum/r18880277-Ubuntu-servers-hacked-to-attack-others

>>>

>>>

>>

>> The linturd zealots always represent that linux can be run totally

>> securely by any 6 yr old.

>> I guess reality is a difficult thing to accept.

>> Frank

>

>

>

> I'm always happy to criticize anything Frank :)

 

Frankly, I don't give a damn!

Frank

Charlie Tame wrote:

> Kerry Brown wrote:

>

>> "Charlie Tame" <charlie@tames.net> wrote in message

>> news:eYk2p163HHA.1824@TK2MSFTNGP04.phx.gbl...

>>

>>> Richard Urban wrote:

>>>

>>>> So much for Linux (Ubuntu) being bullet proof.

>>>>

>>>> Ubuntu servers hijacked. Used to launch attack.

>>>>

>>>> http://www.eweek.com/article2/0,1895,2171318,00.asp

>>>>

>>>> People have been saying right along that ***ALL*** operating systems

>>>> are vulnerable!

>>>>

>>>

>>>

>>>

>>> If you thought otherwise then it only exposes a deplorable lack of

>>> knowledge on your part.

>>>

>>> The article seems to suggest that the machines in question were

>>> extremely poorly maintained and running outdated versions of the OS.

>>

>>

>>

>> If Canonical can't maintain a Linux server who can? Can you imagine

>> the outcry if Microsoft's server's were hacked because they hadn't

>> kept them up to date? I totally agree that the reason this happened is

>> because the servers were out of date but it is ironic that they were

>> servers run by Canonical. It is more a statement of how important it

>> is to stay up to date with patches than anything else. The OS is

>> really irrelevant.

>>

>

>

> Absolutely in agreement, and yes it is ironic, someone needs their

> backside kicked to be honest, but you made the important point that the

> OS is not relevant at all.

 

Great! Lets all be sure and remember that little kernel of truth in the

future ok?

Thanks.

Frank

Jerry White wrote:

> "Frank" <fb@nospaner.cnm> wrote in message

> news:e2iNr6D4HHA.4400@TK2MSFTNGP06.phx.gbl...

>

>>norm wrote:

>>

>>

>>>Leythos wrote:

>>>

>>>

>>>>In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam says...

>>>>

>>>>

>>>>>Actually it's probably a bit of both. Straight hacking a random Linux

>>>>>box, good luck. It's when things like root-kits somehow get installed

>>>>>(usually by a clueless admin being fooled by some advert on the web,

>>>>>irc, etc) that's the big cause of infiltrations. This is true of any OS

>>>>>that can be accessed remotely.

>>>>

>>>>

>>>>But that fits the target audience for Ubuntu, clueless users running as

>>>>root.

>>>>

>>>

>>>Ubuntu, by default, does not run as root. The only default way to gain

>>>root is as superuser, and that access is limited only to the person that

>>>creates the original user account. And the original user is the only one

>>>that can create secondary accounts with ANY privileges. In other words,

>>>clueless users running as root is very much an oxymoron.

>>>

>>

>>Administrator is disabled by default in Vista.

>

>

> Actually most preinstalled systems (hp, etc) have accounts with

> administrative priviliages (or at least you don't need to need a user/pass

> when you're prompted to do this or that...)

>

> And fresh installs, even if you aren't using admin, you need admin

> credientials to do a lot of things, where as on linux you can setup

> predetermined commands and such lower users can use (eg sudo and such.)

>

>

 

No, not really. Super root/super admin is disabled by default in all

installs of Vista.

Sorry, but you're wrong.

Try again.

Frank

"Jerry White" <jwhite@cis.ucla.edu> wrote in message

news:%23rCSnDG4HHA.4672@TK2MSFTNGP05.phx.gbl...

> "Mr. Arnold" <MR. Arnold@Arnold.com> wrote in message

> news:%23NTPNiD4HHA.4672@TK2MSFTNGP05.phx.gbl...

>>

>> <snipped>

>>

>>> I guess it depends if the admins actually do their job as maintainers.

>>> If they don't, it's no one's fault but their own.

>>>

>>>> You think this is an extreme exception?

>>>

>>> For live servers, yes I do. Any properly maintained live server (like

>>> those in data centers used by hosting companies) should fall prey to

>>> such attacks if the admins do their jobs. If they do then someone wasn't

>>> taking care of things.

>>

>> What you have said up above there makes no sense whatsoever.

>>

>> The bottom line is no matter what it is, as long as Human Beings are

>> involved with it in some kind of way there is always going to

>> vulnerabilities.

>

> That's basically what he said. It was the admins who were at fault in this

> case.

 

There is no basically about it. That is NOT what the person has said. I said

one thing, and the person is totally saying something else. I am not here to

read between the lines, nor am I here to try to interpret what someone might

be saying.

"Jerry White" <jwhite@cis.ucla.edu> wrote in message

news:uM69GEH4HHA.5804@TK2MSFTNGP05.phx.gbl...

>

> "Leythos" <void@nowhere.lan> wrote in message

> news:MPG.212e70f573e94eb3989830@adfree.Usenet.com...

>> In article <5ijn0fF3pja2bU1@mid.individual.net>,

>> louisREMOVE@REMOVEh4h.com says...

>>> Leythos wrote:

>>> > In article <ewyqpdD4HHA.2208@TK2MSFTNGP06.phx.gbl>, none@nospam

>>> > says...

>>> >> Actually it's probably a bit of both. Straight hacking a random Linux

>>> >> box, good luck. It's when things like root-kits somehow get installed

>>> >> (usually by a clueless admin being fooled by some advert on the web,

>>> >> irc, etc) that's the big cause of infiltrations. This is true of any

>>> >> OS that can be accessed remotely.

>>> >

>>> > But that fits the target audience for Ubuntu, clueless users running

>>> > as root.

>>>

>>>

>>> And how is that true? If any system almsot forces you to run as admin

>>> (to really do anything useful) it's Windows. I don't know of an OS with

>>> more clueless people.

>>

>> And those same clueless people hear about a new, great, security driven,

>> OS that's free and they make the same mistakes that make in Windows -

>> they run as Root, download anything, compromise their machines, etc...

>

> Well in the case of the news story linked at the beginning of this thread,

> the systems were not actually hacked. A clueless admin just wasn't keeping

> an eye on things. The method was brute force, not hacking (ahem, cracking)

> where as windows is routinely exploited through various holes in security.

> While Unix and Linux are not immune to that, it's at a far lower

> frequency, and problems typically arrise from a hole in a particular

> program/service(daemon) that isn't run correctly, and not so much to a

> hole i nthe OS's core. In others Linux at the core is far more solid and

> robust and far less swiss cheesey than Windows.

 

What difference does all this that you talk about make? The O/S(s) are just

programs written by fallible Human Beings. Nothing we ever, ever or ever do

is going to be bullet proof when the right bullet comes, no matter what it

is. The crap was compromised no matter how you look at it, because fallible

Human Beings wrote the crap and fallible Human Beings are using the crap.