I received the following mail from our system manager. Has anybody experienced somebody hacking there LINUX PC (cluster)?

After talking to ITS I would like to discourage the install of any linux machine for security reasons, unless you know all about the security issues. Linux boxes are prime os's that hackers look for on the net and at the its meeting today it was pointed out to me that these boxes can be scanned and attacked within 10 minutes of putting it on the net.

Sure, any OS is insecure when connected to the web and can be cracked into within 10 minutes.. This applies to pretty much any UNIX machine offering services (like NFS, sendmail, and Apache for example). And I would definitely consider UNIX boxes as being less prone to breakins than Windows ones ;-). From my experience, most break-ins take advantage of holes in the services and rarely of holes in the kernel itself (the kernel being the main difference between one UNIX flavour and another: the services, e.g. sendmail, being common to all). In other words, if you know of a security hole in sendmail, you could gain root access to any unix running sendmail, not just Linux, or AIX, but all of them, as they share the same sendmail program.

The morale of the story is: if you are aiming for ultra security, don't bother choosing an OS vs another: just avoid connecting your machine to the web ;-) However, I do run linux on 3 machines constantly hooked to the internet as well as on my laptop and haven't been hacked into for the last year or so, despite numerous breakins on neighbouring machines running other OSes...

-bern

Hi, Guus,

This is interesting and today is Saturday .

OK, I'll share my experience. My linux box is permanently connected to the web and is never turned off. In two years, approximately, it was cracked once. The intruder came, looked around, and left without causing any damage. Without even using the account for telnetting to another computer (except that he/she could edit the logs leaving the parts concerning his logging in and out but wiping off the parts concerning other activities, and this is hard to believe). During the same time my windows box was never cracked by a hacker, but several times it, kghm, was cracked by itself . With unpleasant losses of information. And other related inconveniences. Right in the middle of my, say, typing a document. (But new windows versions are more stable, I noticed.)

So, if you are afraid of an occasional hacker vandalism, take into account also other possible reasons for loss of information, like system stability, they may be much more serious.

If, however, for some reasons your computer is expected to become a specific target of an attack then disconnect it from the web or hire an expert. You cannot protect yourself from an expert attack simply by choosing OS .

Well, after some thought I decided that it is better to know then not to know, and although I think that the site should be removed from the web look at http://www.htp.org/ while it is still there. It will give you some idea of Windows security as far as vandalism is concerned. You can even try it on your own windows machine to see if it is secure .

(As far as linux vs other unices is concerned, see the Bernard message, it is true.)

Finally, since you were mentioning the system manager and ITS, well, I was told that companies often have company policies with respect to OS (and having such a policy may be reasonable). These policies are affected by many things often quite irrelevant to the qualities of the OS itself.

Rgds. Sergei.

Sounds like a bad excuse from your sys-admin. Linux is not any more insecure than any other Unix dialects or Windows. In fact, most web-sites on the internet are running on Linux machines, including many high-profile sites. CFD Online also runs on Linux. As far as I know I've only been hacked once since the site was opened in 1994, but that incident was not due to a security problem with Linux in itself.

Linux has a reasonably good reputation for security, but ultimately, its security is highly dependant on the sys-op keeping up to date with the security patches and keeping passwords under control. Most breaches are due to sloppy security measures rather than any fault of the OS.

We operate a web hosting service and have had only 1 successful break-in which was due to a bug in the BIND name server. Upgrading to the new version of BIND put a stop to it. This illustrates the need to stay up-to-date.

RedHat provides a list of security patches for each version of linux it sells. You should also check the CERT page for bulletins on holes found in Unix in general. Also, disable any services you are not using. If you do these things, then I wouldn't worry about placing your system on the net.

BTW: Microshit products are more often the target of hackers than Linux. I have a home linux system which is on 24/7 and have had no problems with it over the last 2 years, which is more than I can say for the windows system sitting next to it. Linux rocks.

yeah i doubt Linux is more hackable than other OSs. here in my department all our computers have been equally hacked and they run linux and irix and other unixes. the sys admins here have taken the option of allowing only ssh login and no email or web use! which is pretty harsh. also keep in mind that many hackers like to spread viruses which in microsoft products because they can write visual basic programs which can then interact with various microsoft apps and replicate and send themselves off to others. if i'm not mistaken the ILOVEYOU virus was a visual basic file.