Why most run Microsoft, not RedHat

Tomas Larsson tomas at tlec.se
Sun Apr 29 18:59:46 UTC 2007 

> -----Original Message-----
> From: fedora-list-bounces at redhat.com 
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Stuart Sears
> Sent: Sunday, April 29, 2007 1:24 PM
> To: For users of Fedora
> Subject: Re: Why most run Microsoft, not RedHat
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> I appreciate that I am responding to two people here so I've 
> tried to point out which one  I am addressing below...
> 
> Zoltan Boszormenyi wrote:
> ### Tomas's Bit:
> > Tomas Larsson írta:
> >> Obviously there must be flaws in any OS/SW even Linux, as 
> an example 
> >> my FC4-server was rooted, due to a flaw in php/MySQL.
> SElinux++
> ...but I bet you had it turned off, didn't you ;) windows is 
> no safer against 0-day expoits than anything else.
> Arguably less safe (IMO) as it has absolutely not diagnostic 
> output that is readble by normal people...
> >> I ended up with a complete re-install,
> ..and did you enable SELinux protection that time?
> 
> >> if it was a windows-system, first of
> >> all, it wouldn't probably happen,
> I don't see how you can say that... bad php code on a 
> windows-basecd webserver is just as exploitable as it would 
> be on any web-server.
> >>> since my AW would have taken care of it,
> really? you have a piece of security software that can stop 
> people expoloiting bad php code? We aren't talking viruses 
> here. (nb: I am Assuming that AW is antivirus.. if it means 
> something else, please enlighten me)
> 
> >> plus the fact that I would have managed to remove it without  
> >> re-installing, So in a sence Linux is far much more complicated to 
> >> restore, compared to Windows XP.

SELINUX was enabled, when that happened, obviously that didn't stop the
intrusion.
I was told by "logwatch" that my server was compromized, the following day,
god knows what hapened before I shut it down.

Of course bad PHP code is exploitable regardles of OS, but my Win Antivirus
package intrusion-detection would most likely have stopped the thing from
happening.

With best regards

Tomas Larsson
Sweden
http://www.tlec.se
http://www.ebaman.com

Verus Amicus Est Tamquam Alter Idem

More information about the users mailing list