linux, hackers' favourite target?


hottdogg
09-23-2003, 10:02 AM
found an article:
Linux is favourite hacker target: Study
(http://www.globetechnology.com/servlet/story/RTGAM.20030911.gtlinuxsep11/BNStory/Technology/)

what do you think?

questionasker
09-23-2003, 10:09 AM
I just don't know, I mean there are plenty of really good hackers who use M$, but I don't understand why they seem to go after Linux.

Strogian
09-23-2003, 10:22 AM
Lots of statistics, but no explanation of what they actually mean...

HowlinWolf
09-23-2003, 10:24 AM
It's more of a challenge to hack Linux if it's set up properly ;). Just a guess.

ricstr
09-23-2003, 10:25 AM
Maybe it's because there are more goodies on Linux boxes, as opposed to the Windows user's mp3 collection and slower, poorly maintained machines bloated with adware.

questionasker
09-23-2003, 10:29 AM
I'll just wait until more people have posted.
Then I'll post something like, "I agree with almost everyone."

Gertrude
09-23-2003, 10:33 AM
I think it's funny that in the same month there were over 500,000 remote exploits of Windows 2000, NT and XP computers from Blaster, and a few hundred thousand infections caused by Sobig. I'm sure there were a lot of servers that got one of those, but they failed to mention that in their study.


Even so, it doesn't surprise me that much. If someone wants to break into a computer, they are most likely going to target an operating system that they are most familiar with. Most of the crackers out there use some kind of a *nix, so it shouldn't be a surprise that they are going to attack the OS they know best.

Also, as most of you should know, there is a lot more you can do from a bash, ksh, sh or any other Unix shell than you can at a Windows command prompt. So that in my mind would be another reason for people to target *nix based computers, because once you have access to that system your options are much broader than they would be on a Windows based computer.

CMonster
09-23-2003, 10:59 AM
Lots of statistics, but no explanation of what they actually mean
Well, it's interesting that the hacking statistics closely coincide with percentage statistics for server OS use -duh- is there a pattern here? They twisted this article to make it seem like you are more likely to get cracked if you are running Linux -whose axe are they grinding?

Most of the crackers out there use some kind of a *nix, so it shouldn't be a surprise that they are going to attack the OS they know best.
yep! -probably more hackers do their cracking FROM a Linux box so it seems only natural to go with what you know best

Maybe it's because there are more goodies on Linux boxes, as opposed to the Windows user's mp3 collection and slower, poorly maintained machines bloated with adware.
that made my day-haha! yep! Linux is probably running more of the desirable stuff to get into :D

mairving
09-23-2003, 11:08 AM
It's probably another MS sponsored survey. They really don't give too many facts. Hacking is oftentimes hard to track, since people usually are not too willing to divulge that they have been hacked.

The facts are that there are many more Linux web hosts than Windows. There are also plenty of people out there hosting sites that don't know anything about security. A large portion of hacking is done horizontally through shared hosting where they gain root access through a buggy script and have access to 100 sites. In their survey would they consider this to be one Linux server hacked or 100?

carrja99
09-23-2003, 12:21 PM
Did you see who it was who published the report? mi2g... a bunch of lying scumbags

Read up on them at TheRegister:

http://www.theregister.co.uk/content/55/28233.html

My favorite comment regarding where they get their numbers...


"One wonders how much mathematical masturbation takes place when analysing and generating these numbers," he writes.



Also, I think it should be noted that even Microsoft hates them. :D

EDIT: A quick look on mi2g's site yielded more laughable alerts. Unfortunately I couldn't read complete stories, as they cost around $30 each to read.

Not content with guerrilla tactics, it seems that "insurgents" and "Saddam loyalists" have been and will continue to resort to cyber-terrorism to exact their vengeance!


London, UK - 25 June 2003, 14:30 GMT - The digital fallout from the war with Iraq shows no signs of abating in June as the economic damage caused by digital attacks races past the previous year, according to a new report published by mi2g, the world leader in digital risk.

The worldwide economic damage from hacker attacks and malware incidences is already estimated to have been in excess of ...

bwkaz
09-23-2003, 07:36 PM
Hmm, I've seen this post before... *yawn* ;)

http://www.justlinux.com/forum/showthread.php?s=&threadid=112042&highlight=mi2g

Originally posted by Gertrude
I think it's funny that in the same month there were over 500,000 remote exploits of Windows 2000, NT and XP computers from Blaster, and a few hundred thousand infections caused by Sobig. [...] but they failed to mention that in their study.
Right, they never mentioned those, because they were only counting "intentional" attacks, not automated ones. Even though the automated ones cause tons more damage... :rolleyes:

Don't forget the latest email worm... Sven or something like that. We got hit with a couple hundred of those just over last weekend, and they were coming in about one every ten minutes on Monday morning. They seemed to slow down a lot after about noon (Eastern) Monday though.

Pretty retarded report, IOW.

Gertrude
09-23-2003, 08:15 PM
Right, they never mentioned those, because they were only counting "intentional" attacks,


I bet the virus writer had certain goals in mind that could be considered "intentional" when he wrote Blaster.

If I were to create a script that scanned random subnets for vulnerable sendmail and Apache servers, and it succeeded in exploiting 100 servers, I have a feeling that, even though it was automated, the number 12,892 hacked servers would be 12,992 instead. I think it is just a biased study.

DSwain
09-23-2003, 08:24 PM
This is pretty far-fetched, I'll admit, but it's an idea.

Maybe it's because they're trying to improve Linux.

You never know, I mean think about it, if a company has a box set up a certain way, and a person knows how it works, they may try things on it to see how they can exploit it, or if they can. Then maybe they'll go back and figure out how to make it so that can't be done...

I dunno, just an idea.

Exempt
09-24-2003, 03:08 AM
I'm new here, and to Linux, and my knowledge is limited on any *nix OS... But I would think that maybe the reason more Linux boxes get cracked into is possibly because there are more admins trusting their servers to Linux, or any other *nix OS, as opposed to those running the well known exploitable, penetrable, and let's not forget expensive Windows... Just a theory though... I also believe, as others have said, that if someone has Linux, they probably have data worth getting, and it's much harder to crack (I assume) a Linux box than a Windows box...

tmcG
09-24-2003, 03:34 AM
I believe the reason for it is because there are more PCs running Apache (and probably on BSD/Linux) than MS IIS on the internet and maybe this is why? :confused:

I understand that you can use Apache on Windows :D

ikellen
09-24-2003, 03:56 AM
Basically these statistics are open source software biting us in the butt. I work with network and internet security, and because Linux is open source, a hacker can download the complete source for sendmail, and figure out every little hole, exploit, and loophole. However, with M$, hackers have to try things against all the various M$ services, i.e. RPC, NetBIOS, etc. I don't think it's Apache running on Linux boxes, I think it's just the trade-off of open source. Many hackers are lazy, so they would rather read source code and figure out holes easily rather than trying to cause an exploit in an app they know nothing about.

MadNewbie
09-24-2003, 08:04 AM
I had to laugh when I read that article because the only thing it shows is how easy it is to bend the truth with statistics. The problem is that a lot of people don't know how to read statistics, both readers and journalists. A statistic like this gives absolutely no meaning at all.

It's hard to see where they have pulled out those numbers from, and I am not completely sure what kind of servers are included in the report they got it from. According to statistics about webservers though, Microsoft got a market around 24 percent. So assume this holds true in the report they got their numbers from, it would actually be a higher percent of break-ins on MS servers than Linux.

So the reality is not shown in this article, neither in my ramblings, since there are so many factors that are unknown that have to be taken into account.

Basically all this article shows is that the author either doesn't know s*** about statistics or just wants to manipulate people into his (or employer's) beliefs.

MadNewbie

hottdogg
09-24-2003, 10:15 AM
Did you see who it was who published the report? mi2g... a bunch of lying scumbags


Well, I think I agree with carrja99...

I don't care whether Linux is favourite hackers' target or not, I'm still using it anyway (I'm a newbie in the open source community, so I'm still learning lots about it. And not just the GNU/Linux OS, but I also want to learn BSD-based OSes, C programming, etc.)
Maybe that article can warn Linux sysadmins and users in this world so they can secure their Linux boxes.


We can forget that article (and this thread too!), IMO...

life goes on...:)

bwkaz
09-24-2003, 08:21 PM
Originally posted by ikellen
Basically these statistics are open source software biting us in the butt.
No.

I work with network and internet security, and because Linux is open source, a hacker can download the complete source for sendmail, and figure out every little hole, exploit, and loophole.
Yes, but what you seem to fail to notice is that they can do the same thing with binaries, basically.

Many hackers are lazy, so they would rather read source code and figure out holes easily rather than trying to cause an exploit in an app they know nothing about.
No. It is not more difficult to find a security hole in a binary than it is to find a hole in source code (I wish I remembered where I read this; I think somewhere on www.catb.org/~esr but I can't remember for sure. One article is here: http://catb.org/~esr/writings/quake-cheats.html but it's not the one I was thinking of.)

All that crackers do is look for patterns that signify buffer overflows (or whatever). These patterns exist in both source and the compiled binary; they are merely different. If you have source, you look for a set of patterns. If you have a binary, you look for another set.

It is not easier to create exploits for open source!

And besides all that, once an exploit is found, who fixes it faster? An open-source program, where there are thousands of people all looking at it from different angles, or a closed-source one, where there are perhaps a hundred?