Sean,<div><br></div><div>What sort of *nix do you run and in what ways have they been compromised?</div><div><br></div><div>Re the AusCERT emails, are you referring to the vulnerability alerts or actual compromises? If compromises, how do they find out about them?</div>
<div><br></div><div>Phil<br><br><div class="gmail_quote">On Thu, Jun 24, 2010 at 2:12 PM, Sean K. Finn <span dir="ltr"><<a href="mailto:sean.finn@ozservers.com.au">sean.finn@ozservers.com.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
I have to butt in here, hosting one metric ** tonne of servers, it's the *nix ones that get compromised more often than our windows ones. (I know, because AusCert sends me emails every time one is compromised.).<br>
<br>
The Windows Vs Linux Debate is dead. Both are as bad as one another for compromises.<br>
<br>
Home users running Windows get targeted, and server farms running *nix get targeted just as easily.<br>
<br>
Before someone starts bashing the macs-are-safe bandwagon, BSD and Mac OsX Servers are just as likely to get attacked / rootkitted / compromised / dial home to a botnet.<br>
<br>
Having a software dependant package installed on ANY machine that is considered the target is just bad karma. It just doesn't work, and unless it stays ahead of the pack, the software will be specifically targeted and disabled as part of any smart malware attack.<br>
<font color="#888888"><br>
S<br>
</font><div><div></div><div class="h5"><br>
<br>
-----Original Message-----<br>
From: <a href="mailto:ausnog-bounces@lists.ausnog.net">ausnog-bounces@lists.ausnog.net</a> [mailto:<a href="mailto:ausnog-bounces@lists.ausnog.net">ausnog-bounces@lists.ausnog.net</a>] On Behalf Of Mark Newton<br>
Sent: Thursday, 24 June 2010 1:25 PM<br>
To: Zane Jarvis<br>
Cc: <a href="mailto:ausnog@ausnog.net">ausnog@ausnog.net</a><br>
Subject: Re: [AusNOG] (bad) cyber security and ideas coming out of the woodwork?!<br>
<br>
<br>
On 24/06/2010, at 12:15 PM, Zane Jarvis wrote:<br>
<br>
> If everyone in Australia switches to *NIX (or anything else) then the<br>
> criminals will just spend more resources targeting that.<br>
<br>
You think? I reckon most botnet operators couldn't care less where<br>
their targets are physically located, and they'll just keep attacking<br>
windows boxes in other jurisdictions instead. :-)<br>
<br>
(my burglar alarm doesn't prevent my stuff from being stolen, but the<br>
stickers on the windows make my next door neighbours' houses more<br>
attractive targets :)<br>
<br>
Interesting thought experiment, though.;<br>
<br>
- mark<br>
<br>
<br>
--<br>
Mark Newton Email: <a href="mailto:newton@internode.com.au">newton@internode.com.au</a> (W)<br>
Network Engineer Email: <a href="mailto:newton@atdot.dotat.org">newton@atdot.dotat.org</a> (H)<br>
Internode Pty Ltd Desk: +61-8-82282999<br>
"Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223<br>
<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Phil<br><br><a href="http://philatwarrimoo.blogspot.com">http://philatwarrimoo.blogspot.com</a><br><a href="http://code.google.com/p/snmp2xml">http://code.google.com/p/snmp2xml</a><br>
<br>"Someone has solved it and uploaded it for free."<br><br>"If I have nothing to hide, you have no reason to look."<br><br>"Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke - Who does magic today?<br>
<br>
</div>