An unprotected Windows XP machine was breached within four minutes, and became a zombie in less than ten hours, tests conducted by USA Today show. The paper set up six honeypot PCs and monitored the results.
An XP PC running SP1 was breached by an intruder through a hole that the Sasser worm used, only four minutes into the test. Within fifteen minutes two intrusions took place, one using the MS Blaster hole. Within ten hours hackers had established an irc channel and the machine was broadcasting its vulnerabilities to the world at large. A Windows Small Business Server was similarly compromised, with the intruder uploading a program which gave full control of the machine.
While the XP SP1 machine averaged 341 attacks per hour, the number dropped to just 3.4 per hour for a machine running Service Pack 2. SP2 ships with the built-in Windows firewall turned on by default. A Linux box averaged 1.9 attacks per hour.
The paper stresses that the results don't account for the most common forms of compromise which require user intervention, such as malware and spyware programs activated by email and a web browser. ®
I wonder if the Linux box had a firewall (shorewall or what ever) enabled by default.
jason at jcorcoran.net
A working program is one that has only unobserved bugs.
-- Murphy's Laws of Computer Programming
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!