Re: do I need a firewall?
Originally Posted by
Zill
No problem. I am questioning the apparent assertion by samiux that Linux systems are more easily compromised than Windows.
I understand from your postings that all systems connected to the Internet are vulnerable but I also believe that a default Linux system is (relatively!) more secure than a default Windows system. Am I mistaken?
I cant speak for samiux but I dont think English is the first language for them, I don't think samiux meant it is "easier" but just meant as "easy" as.
The whole thing about this is it cannot be stated that "Linux" is more secure than "Windows" which is common statement, it needs to be very specific such as Ubuntu 10.04 out of the box with no updates and no services installed etc compared to a windows 7 out of the box machine etc etc.
the collective terms of Linux and windows cannot be compared.
then even if specific with versions etc then you have to say OK what does "more secure" mean, if one has 12 vulnerabilities and 8 known exploits vs one with 10 vulnerabilities and 4 known exploits etc. it is stupid argument, you only need one window open in a house to get in whatever alarm system you have.
Does the fact that you running Linux prevent a compromise from a XSS attack ? no. Does it prevent you from an attacker getting a remote command shell ? no.
Whatever OS you are running the things that prevent or mitigate these things are user education, patch management and regular updates along with changing browsing habits and the like.
Linux is not more secure than windows, you don't "need" a firewall in Linux, and you don't "need" one in Windows, the point is you should use them in both whether behind a NAT router or not, don't run scripts, use least privilege, don't run unknown or untrusted software, stay vigilant etc etc.
Every system in a connected world is vulnerable, whether or not an exploit exists or if it does if it is worth the time of the attacker to attack is a different matter, of course it is also a case of whether the asset is worth the cost of protection and so forth.
Regardless what OS you use the same security principles apply, it is a process not a product. yes there are not known wild "viruses" for Linux but if then means you can use the same nonchalant browsing behaviors as in windows then sooner or later another type of compromise is likely to happen.
Both systems can and do get compromised all the time. it isnt any more difficult to compromise one or the other, one configured system may have more defences but the action taken to compromise one or the other no more difficult than another, one may take 5 minutes and one may take an hour, does that mean easier, I dont think so, i take it as different.
peace
Last edited by haqking; February 6th, 2013 at 10:20 PM.
Backtrack - Giving machine guns to monkeys since 2006
Kali-Linux - Adding a grenade launcher to the machine guns since 2013
Bookmarks