Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: What is wrong with schools these days?
From: Paul Schmehl <pauls () utdallas edu>
Date: Tue, 25 Apr 2006 12:26:55 -0500

CrYpTiC MauleR wrote:
All you had to say was Microsoft =oP

That's hilarious. The number one defaced website OS is Linux. (See Zone-H.org if you don't believe me.)

The number one problem I have here is unix boxes. You know why? Because a lot of open-source bozos run around claiming unix is more secure than Windows. So a lot of clueless people think that, if they just set up a RedHat box, they won't have anything to worry about.

Ask them what that little red ball with the X in it is - you know - the one flashing up there in the taskbar- and they'll say I dunno.

No OS is secure by default. No OS can remain secure if it's not properly configured and maintained. Look at your box right now. How many of you have inetd or xinetd running? Why? What services does it provide that you need? Do you even know what chargen or rpc.statd is? If not, why are they running (if they are)? How many of you have a workstation running with more than just ssh enabled and *no* firewall running?

You name the OS, and I can tell you of at least one incident of hacking. We haven't had a Windows box hacked in a long time. The last five were two Macs and three RedHat boxes. Does that mean Macs and RedHat are insecure? NO! It means, until the general public understands the problem and knows what the solution is, hacking will continue apace with no sign of letting up.

The real problem is ignorance.

--
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]