LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 15th, 2014
Linux Advisory Watch: August 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
A Couple Points on the "Open Source War" Print E-mail
User Rating:      How can I rate this item?
Source: Ed-Tech Insider - Posted by Pax Dickinson   
Host Security I hadn't actually noticed the Security Innovation study comparing the frequency of reported security problems in the Windows and open source web application server stacks. These kinds of surveys and tests are pretty easily manipulated. But since eSchool News has an article on the matter, I might as well weigh in.

If you're interested in this matter at all, you should go straight to the primary source material: the Red Hat and Microsoft security advisories. Your milage may vary, but my scans of the two lists shows a lot of Red Hat fixes that are mostly irrelevant to my simple web server, unless I've given lots of untrustworthy and industriously malicious people shell access to log in to the server. On the other hand, I see lots more references to "remote code execution" on the Microsoft site, which is what I'm really afraid of when I'm exposing a server to the internet.

That is, I don't want this to happen to me:

An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could install then programs; view, change, or delete data; or create new accounts with full user rights.
If you still feel safer with Microsoft after reading over the actual advisories, then God bless you.

Read this full article at Ed-Tech Insider

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Moving toward smart and secure continuous software delivery
Stealthy, Razor Thin ATM Insert Skimmers
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.