[LINK] By the numbers: Windows vs Linux security

Rick Welykochy rick@praxis.com.au
Tue, 02 Oct 2001 15:41:37 +1000 

Tony Barry wrote:
> 
>   - By the numbers: Windows vs Linux security
> Linux and Microsoft enthusiasts have argued for a while now as to which system
> is most secure. Are Linux vulnerabilities in the news less often because the
> Linux code is so well-written, or because the Linux market share is so much
> smaller? One way to get to the bottom of this dispute is to look at
> the numbers.

Well then, look at the numbers. First let's look at server numbers:

<http://www.netcraft.com/survey/>

   MS O/S servers    approx 50%
   Linux             approx 20%
   Other Unix        approx 16%

Now let's look at the damage of latest worm: Code Red

(same link as above)

"At least 150,000 active sites spread over 80,000 ip addresses worldwide running Microsoft-IIS
 have been taken down since the Code Red II worm was released."

Staggering numbers. I have *never* seen similar numbers for *nix systems being
taken down.

The numbers quoted in the ZDnet report mean little unless we look at the number
of hosts infected. Once you do that, a picture of an entirely different complexion
is painted.

(a) most of the exploits on *nix systems are narrow in reach, often requiring sophisticated
    cracking techniques to affect; none of the known exploits on *nix systems are spread in
    a worm/virus fashion as is seen on Windows systems; and their effects are often
    innocuous;

(b) most of the exploits on Windows systems are broad-reaching, and are easily spread by
    script kiddies who simply copy old exploits, shake and stir, and release them into the
    wild in new more virulent forms;

(c) the stats discussed do not even touhc on Windows work stations (we are talking servers
    here) ... once you enter that realm, all bets are off: Windows users are the losers.

Keep in mind that *every* exploit that has made big news in the mass media over the past
three to fours years has been soley Windows based, at times wreaking "billions of dollars
of damage" (their words, not mine).

Given that there is almost a 50-50 split between Windows and other systems in the server arena,
one would expect to see similar numbers of attacks and machines brought down in both camps,
other numbers like the "number of exploits" being equal.

This is clearly not the case.

Rgds
Rick W


_____________________________________________
Rick Welykochy || Praxis Services Pty Limited

"Yes means No and No means Yes. Delete all files [Y]? "