Linux, not Microsoft Windows, remains the most-attacked operating system, a British security company reports. During August, 67 per cent of all successful and verifiable digital attacks against on-line servers targeted Linux, followed by Microsoft Windows at 23.2 per cent. A total of 12,892 Linux on-line servers running e-business and information sites were successfully breached in that month, followed by 4,626 Windows servers, according to the report.
Too bad there are only 4,626 Windows Servers in existence.
The reason Linux is “hacked” a lot is because Apache is free, so any kid can play with it. Yeah, he’s not going to secure it well, but at least he gets a chance to work on his skills. MS would make him pay hundreds just to practice for a future profession.
</rant>
…and all the DDOS attacks they have helped to carry out? And, these computers can be used to attack any OS on any server…
“The data comes from the London-based mi2g Intelligence Unit, which has been collecting data on overt digital attacks since 1995 and verifying them. Its database has tracked more than 280,000 overt digital attacks and 7,900 hacker groups.”
Do you realise how these statistics were collected, and the validity behind them?
I suggest you check out some of the higher rated comments at the top of this link:
http://slashdot.org/article.pl?sid=03/09/11/1951201&mode=thread&tid…
I’m not saying that Linux *is* secure, I’m saying that it’s not the best study ever.
Windows is still less secure, IMO.
Aren’t there more linux servers out there than windows ones? Especially on systems exposed to the internet and possible attack.
I would like to see a comparison of these numbers to the total amount of servers of each type. Otherwise this ‘article’ really proves nothing.
but what proportion of those attacks are successful?
Of course there will be more attacks against the big players rather than the smaller ones like Microsoft.
Even though it’s an MS funded survey, the article is too light on details to make a comparison though.
http://www.theregister.co.uk/content/55/28233.html
“The company has good contacts in the city and in government, and is one of the few which can regularly attract IT directors from blue chip City financial firms to its events.”
Wouldn’t seem to be incompetent according to this.
I wonder what OS the hackers are using?
I don’t think it really matters what you’re using, as long as you patch/secure your system and do the regular admin stuff. Otherwise, you’re probably going to get hit no matter what.
http://www.pcworld.com/news/article/0,aid,106785,00.asp
Note: Without paying a large amount of money there is no way to justify the summary. The other factor is that mi2g seems to be full of ex Civil Servants and “Consultants”, not really who I would put faith in for a security study.
http://www.mi2g.com/cgi/mi2g/people.php
Bernard
That has got to be the most shallow and unscientific report I have ever read. How am I supposed to make informed judgements on meaningless numbers? And what kind of attacks are we looking at here? Why were the attacks successful? What was the sample size? How was their information generated? I wouldn’t be surprised if this is another sponsored experiment.
*sighs*
Regards,
Mystilleef
“A total of 12,892 Linux on-line servers running e-business and information sites were successfully breached in that month [August]…”
Good question?
Windows 3.1 with Cygwin or Putty maybe.
Just kidding!
You’re right. Windows is more secure.
Wow, all this time I just assumed Linux was secure.
</sarcasm>
I’m a professional unix admin and I know *nix systems can easily be made more secure than Windows. OSX? That’s a tough call. But anyone who says Windows is secure would just get laughed out of the room.
If you put a default install of any OS on the internet as a server, like a lot of people still do with Linux, it can be easily compromised. This is not a good measure of the security of an OS.
Take RedHat AS, for example. It’s based on RedHat 7.2. So you might expect more security from a default install of their desktop version, RedHat 9, than you would from their server edition.
Realistically you are only as secure as your systems administrators. So pay them well, hire the right ones, and pray they are passionate about security. If you cut their pay or annoy them or limit their time browsing the web you might fall behind on some critical bugs. If they don’t keep up to date with all security vulnerabilities your chances of being hacked increase (possibly exponentially) for any OS.
There was something similar in May I believe, and guess what? It’s the same company. The veracity of its claims has been doubted before, with much justification.
Why should we believe them now, considering that their wild claims haven’t changed?
(In case you didn’t know, 70% is a completely ludicrous figure. In real life, there is no such radical distribution of statistics.)
See this article from last year concerning Mi2g’s methodologies (at that time).
http://www.nwfusion.com/news/2002/1107msfoul.html
Regards,
Mark
Well, our organisation is using a Linux server where information is filtered through its firewall protection and then sent to a Windows server. We have been using this technique for almost 1 year. The good thing is it works! The bad thing is that the connectivity between the two OSes still has certain problems. Yes, I believe that security is compromised using Apache, but the rest of the OS is better secured than Windows. One thing is to customize the security options in Linux according to necessity. This will ensure a better security standard is met by you and the organisation you are working for.
I’m just curious. By Linux, do they mean Apache, Sendmail, wuftp, or some similar program? Was it something more erroneous, such as leaving port 135 open? I kid.
Details, I want tasty, scrumptious, little details.
“Aren’t there more linux servers out there than windows ones? Especially on systems exposed to the internet and possible attack.
I would like to see a comparison of these numbers to the total amount of servers of each type. Otherwise this ‘article’ really proves nothing.”
“Of course there will be more attacks against the big players rather than the smaller ones like Microsoft.
Even though it’s an MS funded survey, the article is too light on details to make a comparison though.”
Yeah, hello, this is what everyone says when we are talking problems in Windows on the desktop front. MS owns that market and gets way more issues. On servers Linux is top dog, and guess what, they get more attacks than Windows servers. If Linux ever gets past Windows on the desktop front the same will apply.
Why is it people seem to have a hard time with this? If the names Windows and Linux were flipped in this article most people would be saying it seems right, but since it’s not everyone cries foul.
And to the comment about Apache and it being open and people can mess with it, that also is something that some day will do Linux in hard. Since it’s open and problems are very well known, when people do decide to go after it big the road map is laid for them. They don’t even have to work to cause havoc.
That is not an entirely true statement. In desktop Windows most “attacks” or whatever you want to call them, things done with malicious intent, utilize viruses. This is talking about actual hacking, with another person on the other end trying to get in. There is a world of difference between the two. Saying that being vulnerable to viruses and vulnerable to hackers is the same thing is just not true. A virus is a bit of code, a hacker is a person. I’m not trying to troll or anything, but I am saying that the actual architecture of Windows is more susceptible to viruses than Linux, IMO. And people who say “Well, Linux isn’t big on the desktop so no one wants to write viruses” are not making a valid point. Linux is dominant in servers, and you’d think that virus writers would realize that if they made a virus which attacked servers it could potentially do exponentially more damage than taking down Joe Windows computer. Anyway, I could be all wrong here, but one of the reasons people write viruses is to see the chaos they create, and taking down servers creates more chaos. Unfortunately there are two problems with this: Linux has better defence against viruses, and any server (Linux or Windows) when maintained by a competent admin can be secured (though I still believe Linux easier than Windows). That’s just my 4 and a half cents anyway.
I don’t see any problem. No, really. There are probably more Linux servers _on the web_ than IIS ones, so that’s something to expect.
If you put a default install of any OS on the internet as a server, like a lot of people still do with Linux, it can be easily compromised. This is not a good measure of the security of an OS. […] Realistically you are only as secure as your systems administrators.
I couldn’t agree more with you. I’m sure that many of those Linux servers were installed by people seeking cheap solutions without thinking about security. They just choose it because “it’s free”. IMO, they just asked for it.
I think it would be fair to say that there are a lot of Windows Systems out there that have been compromised, and the Admins don’t even know it yet …
saying “I told you so”.
Yes, we get the point… Now can’t we all agree that SCO is the problem?
and we’ll judge the veracity of these conclusions.
The problem is, there are no details in the article about whether the attacks were from dodgy php code, social engineering etc, or fundamental flaws in Linux or apache.
If I install apache on a gentoo box with no X, php sql etc, and keep up to date with any security problems with apache (very easy) I have a very secure server. If I use windows, there is all kinds of shit going on that I don’t have any choice about, and only hear about when there is a ‘critical’ alert.
Also, how many of the compromised servers were colocated? One Linux box could be running thousands of sites, and it only takes one person to leak a password….
That’s so funny, because it’s true!
If one takes the total number of computers covered in the survey (12,892+4626+360) and calculates the percentage of each OS you get:
Linux=72%
Windows=26%
BSD = 2.0%
Total=100%
If there were equal attacks on the systems then the figures shown above would be the results. The best one can say is that they reported:
Linux=67%
Windows=23.2%
BSD<2%
Total=92%
Hmmm. We seem to be missing 8% in these numbers.
These figures would indicate that the crackers were rather indiscriminate in their attacks. Of course, more information would have to be obtained to make a proper interpretation.
I have never been hacked and we use Linux for everything: backend, frontend, desktops, fileservers, everything. We have logged attempts but no one made it through. I think Linux is more secure just by experiences that I have had. Windows is a nightmare and Windows Security is an oxymoron. Here is an excerpt from that article:
<< Microsoft Windows servers belonging to governments, however, were the most attacked (51.4 per cent) followed by Linux (14.3 per cent) in August. >>
At least the government’s safe on Linux.
… were actually the windowsupdate.microsoft.com site breached 12,813 times by the blaster worm 😉
A study by the mi2g Intelligence Unit reveals that the top ten malware of all time – computer viruses and worms – targeted the Microsoft operating system, server or application software.
See the same company’s news release also from today:
http://mi2g.com/cgi/mi2g/frameset.php?pageid=http%3A//mi2g.com/…
But if you want the underlying data for this or the other study, you have to buy it and agree to their licensing terms.
Some questions as to the hacking of servers:
1. How many systems are they looking at?
2. How are they determining that an attack took place?
3. What kinds of attacks are occurring?
4. What is the security environment of the server being attacked?
5. What is the use of the server being attacked? (banking, publishing, web hosting reseller, e-commerce, ebay).
6. What are the results of the attacks? (stolen data, site defacement, denial of service).
But you may not get the answers to these questions even if you pay for the report.
Regards,
Mark Wilson
Here’s the correct link to the MS ‘malware’ article:
http://mi2g.com/cgi/mi2g/frameset.php?pageid=http%3A//mi2g.com/…
Uhmm. Download Apache-versionxxx.exe, run it, click “Next”, “Next” and “Next”, then “Finish”. That kiddo has just installed Apache and can play with it now – on Windows. Apache is available on Windows too, remember that.
Seriously, though, there are lots of ways to read these stats. They say three things to me. (1) Linux is making great corporate headway, thus becoming a target. (2) Linux is not invulnerable, but is less vulnerable than these stats would have us believe. (3) Windows ain’t bad.
As always, statistics lie, and the truth is somewhere in between.
P.S. It is funny to watch the Linux apologists making excuses. And I like Linux.
As always, statistics lie, and the truth is somewhere in between.
There are lies, damned lies and statistics – Benjamin Disraeli.
Electrical grid vulnerable to hackers
http://www.msnbc.com/news/965095.asp
“My team and I could shut down the grid. Not the whole North American grid, but a state, sure,” says Eric Byres, a cybersecurity researcher at the British Columbia Institute of Technology.
You guys claim there’s more Linux servers out there, so it’s bound to have more attacks. Well there’s LOTS more Windows desktops out there, so it’s bound to have more breaches too, but you reject that argument anytime someone uses it. Double standard? What a bunch of Linux losers.. BSD rules btw
…but Windows is attacked more by Viruses and Worms. Which is worse? Hard to tell…but at least hackers are not slowing down the Internet with their intrusion attempts, while Blaster and SoBig… 🙂
I think what this means is that it takes real skill to hack into a Linux server, so the hacker has to do it themselves, while Windows stuff can be dealt with with mere programs! (And, yes, that is a troll – but a funny one!)
“The truth is such a fragile flower, the truth is so precious, it must be given a bodyguard of lies.” – Winston Churchill
Interesting that they NEVER give the names of the sites compromised, for all we know, the servers compromised could be some little sh*t box server located in someone’s toilet cubicle serving Warez.
Nowadays almost every IT company everywhere expects me to believe everything that they say, without proof, without facts, without explanation.
sort it out, or shut up
“If you put a default install of any OS on the internet as a server, like a lot of people still do with Linux, it can be easily compromised. This is not a good measure of the security of an OS.”
This suggests that the defaults are ill chosen.
Comment 1 here states that you have to pay MS to learn their tools. This is categorically incorrect. If you go to the website, you can find ways to be sent 30-180 day copies of a great deal of their commercial software. And they pay the postage.
Secondly, I said quite a while back that Microsoft, for all the attacks people lay on them, were making progress on security. Anything pre2003 and with 2003 is now afflicted with the daily reboot as patches have to be applied and then reloaded. That’s a major bummer if you want a server to be up, but better than being compromised.
There are now commonly more security issues on Linux than on 2003, and that is laudable. For once, people should congratulate MS on their efforts rather than attack them, and even take note of some methods and ideas. Open source still has reasons in this area to be concerned.
Thirdly, many of these worms/viruses can be stopped by blocking ports. In addition good security policies can secure your network from the infestation getting in via laptops or other cross contaminated equipment, or external connections.
I think it is sad that we have an internet, and brilliant tools, and operating systems, and applications, and all that is being defeated by security issues, and everyone locking down their networks and computers to a level which, speaking from a pure technical/usability point, stops a very great deal. Most places running under lock down impact IP telephony, IM, Netmeeting and a host of technologies that in a secure environment would add greatly to the enjoyment and usability of the net. The core logic in business IT terms is now a complete lockdown, only the web proxy and email server have in/out through the firewall, VPN is locked down, no dial in and so on and so forth. It’s IT paranoia gone berserk, but not without reason.
Now it’s an everyday occurrence that our friends’ and families’ machines have issues, get rooted, get hacked, infected, spammed to hell, the list goes on.
AdmV
Clearly the security of any OS is only as good as the person administering it. What makes you people think Linux will magically be secure in the hands of an idiot?
I just spent part of a day with a win admin who was hacked. The only evidence we could find was admin logins at strange times (as he and I are the only two with the password, and it was not a maintenance cycle, and backups and all else were ruled out, we know it was hacked, but cannot find anything wrong on the system. The win admin’s solution: leave it alone, it must be fine). A Linux admin usually takes it off line and reinstalls from scratch, but as Windows is so integrated, as the one system was compromised all connected systems are also compromised. Rather than reinstall them all, my friend is leaving them all on line… Now that’s SECURITY, but this is the way unless you want to take the whole network down and reinstall. (In Linux more people are responsible and say I got hacked and replaced the system; in Windows it’s too much of a pain to deal with, so ignore it.)
Anyway I know it was hacked (win server) but we couldn’t find the hole they got in through-I love Windows transparency </sarcasm>
A lot of attacks are not reported. This to me means their study is flawed from the get go. I’ve got the feeling that a lot of the attacks that weren’t reported happened on Windows servers. I just have trouble believing any study of this nature…especially one that has Windows coming out on top.
The way I see it, every OS can be made (at least reasonably) secure, but every OS can also be made very insecure.
The difference between the different OS’s is mainly how much work needs to be done in order to secure them.
For Linux, you need to spend a day disabling unneeded stuff, tweaking things for extra security etc. (of course, this depends on what distro you use. Some require less work, others require more), and install a patch now and then.
For Windows, you need a lot more time, and a lot more money (virusscanner, 3rd party firewall,…), and a lot of maintenance time to keep up with the patches, especially if you admin a lot of servers. And you can’t trust the correctness of Microsoft’s patches, so you have to test them first, before you can safely roll them out.
In fact, the only OS I would dare to hook up to the internet immediately after installation (or even while installing) is OpenBSD. Secure out of the box, very few patches to install.
But there’s also the skill level of your admins. There’s no point in migrating to *nix if your admin staff consists entirely out of MSCE’s. Without proper training, they could totally mess up the security of any *NIX, and proper training costs time and money…
The only secure computer is one that is turned off and locked in a safe…
then again the safe could be open/breached and the computer stolen…
There is always a way to get to a machine, if someone wants it bad enough.
Ryan
Look at all the anti-“M$” zealots trying to dance around this study.
As it turns out, people like me were right all along–you’re only as secure as your admin. No OS is 100% secure, especially not Linux. That’s right, Linux is not the holy grail. But it is amusing to see people try to dismiss the study and diffuse the blow.
Can someone please tell me how many Linux viruses there are?
All this talk about compromises about linux machines without any mention of a single linux virus.
Would sure like to know if any existed.
Check out f-prot for virus histories:
http://www.f-prot.com/virusinfo/unix.html
or
http://www.f-prot.com/virusinfo/w32.html
Great
But in the UNIX section I saw just two entries
One for FreeBSD and the second for Linux
And both were in 2002 and were mainly targeted at Apache
I’m confused, doesn’t this just shoot to shit the above article?
Woho !!!!!!!!!!!!!!
P.S.—- “shoot to shit ” is a phrase not of vulgar intent
Check out this link:
http://vmyths.com/resource.cfm?id=64&page=1
Also, as for the statement that the statistic “A total of 12,892 Linux on-line servers running e-business and information sites were successfully breached in that month [August]…” cannot be spun, it is absolutely wrong. If the methodology used was flawed, for example, if any given server were counted multiple times, then the number produced by the methodology is worthless.
Haven’t we all heard of “independent” and “credible” scientific studies showing that Tobacco smoke is not harmful to you?
I think I know where all these “scientists for hire” went when the Tobacco companies were finally publicly exposed and held some-what accountable.
wasn’t August the month when blaster struck?
and more lunix hosts compromised than nt hosts?
what exactly is the definition of ‘compromised’?
… being able to access the web page.
Now you understand why Linux was compromised more than Windows 🙂
No, it suggests that the default install of any OS does not include all the bug fixes that are released after the OS was shipped. These bugs are just like the RPC bug Microsoft patched before MSBlaster spread across the internet. All of those systems would not have been insecure had that bug been patched before the OS was released.
Secure default settings would have helped in cases like SoBig.f, or whatever it’s called, but Linux already has secure default settings, which is why almost no worms exist for it.
There’s a big difference between being compromised by a human and being infected by an automated worm. So figure it out Don Cox.
I wouldn’t believe anything m12g has to say….
http://vmyths.com/resource.cfm?id=64&page=1
Certainly this study or what has been publicly released tells us nothing. Absolutely zip. Without showing percentages of total servers for each server type, or what a compromise or “successful attack” is and what services were compromised or how many hacks were detected but stopped by the system or…
It’s a useless study.
Now, before I’m lumped in as a linux-apologist, I think that Linux can be as insecure as any other operating system. (There are major benefits to the opensource model such as quick fixes to flaws cf proprietary but that is outside the scope of this discussion)
I don’t even really believe Linux is easier to secure than any other one, and quite probably more difficult to do so than in Windows. However, I do believe it *can* be secured to a far larger extent than Windows and do believe that given the paucity of detail in this study it can pretty much be disregarded as factual but read as something to encourage further digging on the part of server admins.
Perhaps this is caused by the standard “Linux is more secure than Windows”-statement that appears in every story.
A proper Linux setup is secure, but I think a lot of admins just do a standard install and think they are safe because it’s Linux.