[lug] I wish RH users would secure... (D. Stimits)

John Hernandez John.Hernandez at noaa.gov
Wed Apr 18 16:46:57 MDT 2001 

"D. Stimits" wrote:
> 
> Gary Frerking wrote:
> >
> > >> I *really really really* would like to see all RH users
> >
> > >> follow the security email list from RH (it gets tiring
> >
> > >> to see the number of RH machines used to attack others).
> >
> > >> If you are a RH user and permanently connected to the
> >
> > >> net, you *will* get cracked if you dont'udpate and secure.
> >
> > While I understand your frustration (and your point), I think it's safe
> > to say that if you're running *any* unpatched year-old distro with
> > services like ftp exposed to the world, you're asking for trouble.
> 
> Definitely.
> 
> >
> > RH may be getting the press and attracting the attention of the hackers
> > at the moment, but RH isn't the only distro running WU-FTP (and WU-FTP
> > isn't the only FTP daemon with security problems over the last year).
> 
> It is the part about attracting the attention of crackers that I am
> looking most closely at. When someone tries to get into my machine, I
> look at them to see what they are running, and 90% of them are RH
> machines. It appears that crackers are concentrating on RH, so even if
> other distributions are equal, the RH users are still closer to the
> fire.
> 

In my opinion, there are many factors which lead to your 90% observation.  The biggest is probably that RH has such a large lead in market share.  Less than a year ago, a Netcraft survey showed 72 percent global market share for Red Hat (versus less than 10% for the runner-up distro).  The theory of "security through obscurity" does carry some weight in my opinion.  And because there's a large pool of users that can help new users through problems, beginners are more likely to make their first Linux attempt with Red Hat (or its derivatives), thus making the Red Hat users generally less experienced and less likely to be familiar with security update procedures.  To those RH users on this list (which includes myself), please don't take offense.  I honestly believe that RH is a fine distro with lots of community support; that's why I use it.

> >
> > IMHO, life would be a lot easier if EVERYONE made a reasonable effort to
> > secure their systems no matter what they were.
> >
> > Blinding assuming you're safe because you're not using RH is just as
> > reckless as not keeping up with RH errata.
> 
> My only point was that RH users are bigger targets, not that other
> distributions are safe. If RH one day gains a reputation for better
> security, the crackers will probably focus on the next distribution in
> trade. At the moment, being scanned while running RH is almost a
> guarantee that someone will come by and try to root kit at some point.
> 
> D. Stimits, stimits at idcomm.com
> 
> >
> > -- Gary
> >
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

More information about the LUG mailing list