hi everyone i'm Alice,i'm just a Linux Newbie, my friend told me that Linux's security is much better than NT server but he couldn't tell me any more details

i also heard most of the Linux Supporters also saying that Linux is very secure or brabrabra sth like that but HOW ???

can anyone gimme some facts or resons behine this? thx...

Alice,

Your realise that by posting to a Linux security group we already have some form of bias towards SVR4 "system 5 release 4" Unix systems.
Linux is one of these OS's that derives from the Berkley Unix systems, like Solaris and BSD etc etc.

This note could go on all day so I'll point out some key examples they may help you understand the way MS looks at security and the way Linux developers look at security.

Pro Linux: It conforms to C2 standards. "i.e has US military approval"
Anti MS: It doesn't unless the network connection is unplugged!!.

Pro Linux: The tcp stack conforms to the RFC's "counts for and against it"
Anti MS: It loosely conforms to the RFC's. "an example of this is a TCP packets NULL flag header host detection method,
XMAS scanning tests a closed ports response to a packet that has enabled all bits of the TCP header
flags: SYN, ACK, FIN, RST, URG, PSH (the two reserved bits do not modify the outcome). This method is based on the UNIX/Linux/BSD TCP/IP stack implementation and will not always successfully work against Windows operating systems as they don't conform to the RFC.

Pro Linux: The OS is open source. "i.e free" so people give it a good looking at to help its security. "this also counts against it"
Anti MS: The source has to be stolen from MS to be examined for exploits etc

Pro Linux: it has positive random TCP Sequencer. "hard to hijack connections"
Example from Nmap:
TCP Sequence Prediction: Class=random positive increments
Difficulty=5401401 (Good luck!)
Sequence numbers: x x x x x x "removed this info as it's my firewalls"
Remote operating system guess: Linux x.x

Anti MS: it's TCP Sequencer is based on Time dependency. "easy to hijack"
Example from Nmap:
TCP Sequence Prediction: Class=trivial time dependency
Difficulty=1 (Trivial joke)
Sequence numbers: 44ED83 44ED91 44EDA5 44EDB9 44EDCD 44EDE1
Remote operating system guess: Windows NT4 / Win95 / Win98
(this was an NT4.0 system)

Pro MS: It's TCP stack hasn't been changed for years so its harder to work out from an OS fingerprint which version of windows your looking at.
Pro Linux: It's TCP stack changes with each update so fixes are implemented regularly.
Anti Linux: If not firewalled easy to work out version of Linux running due to correctly updated TCP stack.
Anti Linux: More widely used services for internet. "i.e mail, DNS etc.. problem is with users knowledge not OS"

As I said this could go on all day....
Anyway to conclude this I would say.
The security the OS is generally on how knowledgeable the admin of the system is.
You can have a more secure MS box if the admin knows what's he/she is doing over an inexperienced Unix admin.
But if the two of them are just as skilled then the Unix box will win due to the underling design flaws within the MS products. "caused by the fact the MS developers do anything they want to do, due to MS's monopoly in the software world"

/Raz

Just wanted to add a thought.

Razbot made a great explanation, but I can sum it up a little better.

Linux is open source, allowing anyone to see its source code and check for malicious code, holes, NSA additions, and programming flaws. It is the best Q&A available since millions of people look at it.

MicroSoft does not go through its source code until it hears of a security flaw. Or in some cases, they can be bribed to include secret keys or holes to allow various agencies access to your PC.

Many great and wonderfully talented people, hackers, work hard and go out of their way to make sure Linux is well maintained, and that nothing bad slips through easily. But once in a while, things get through.

Linux does have some security issues, but these are mainly only exploitable while the box is networked somehow. These are usually found quickly and fixed within a very short time. With MicroSoft products, there are ways to defeat its security by simply logging into the station itself.

Point is, if you want to security you can trust, then do what I do. Trust the hackers who built it. If it has their stamp, it is among the best you can get. I have not been disappointed yet.

I never answer a question in the Security part which is technical, cus I don't know much but this is a discussion!!

Anyway, just thought I would point out that the NSA has actually released their own version of Linux, which goes to show the regard they hold for the security of the system. Also unless you are the root user, the ability to perform hazardous tasks is severly limited.

I think that Linux is much more secure than windows, IF you know what you are doing. Newbies to Linux can perhaps ignore some of the safety features installed, which can lead to a system which is not very secure.

One more thing, no OS is totally secure, and there is almost always a way around a problem.

BTW Razbot, you seem to know loads about the security of Linux, how come??

[Edited by CragStar on 04-17-2001 at 06:28 PM]

To anyone, is Bastille a good program to use to secure my box? I have heard mixed reviews, and I dont like sitting on an internet network conenction without some serious security in place. Although I trust most hackers that work on Linux, at the same time, there are crackers out there who would like to have the chance to be nasty. And Cragstar makes a good point... there is always a way around security systems, so it would be nice to know the vulnerbilities and try to plug them.