当前时区为 UTC + 8 小时



发表新帖 回复这个主题  [ 34 篇帖子 ]  前往页数 1, 2, 3  下一页
作者 内容
1 楼 
 文章标题 : [讨论]认为“linux当前用户少所以病毒少”是人们最广泛犯的错误!
帖子发表于 : 2008-02-15 15:21 

注册: 2006-02-14 9:52
帖子: 178
地址: 西双版纳
送出感谢: 0 次
接收感谢: 0 次
引用:
2)Windows用户很多,研究的人也多,病毒,木马数量也很多,被攻击的数量也很多,攻击Windows终端用户有很多商业利益,如偷qq号,偷银行交易密码等等,有利益驱动研究的人也越多,“成果”也就越多;linux当前还没有普及所以病毒很少。


以下有关这一问题的详细论述摘自:

引用:
Security Report: Windows vs Linux
An independent assessment
By Nicholas Petreley
Published Friday 22nd October 2004 07:26 GMT


虽然时间久了一点,但对现在仍然有效。基本论据:Linux/Unix服务器占很大比例,如果考虑破坏性大的话,攻击者理所当然地应该选择攻击服务器,而不是个人电脑,但实际情况并非如此。结论是:质量而不是数量决定了遭到攻击的成功次数。

谁有空请翻译一下。

引用:
Myth: There's Safety In Small Numbers

Perhaps the most oft-repeated myth regarding Windows vs. Linux security is the claim that Windows has more incidents of viruses, worms, Trojans and other problems because malicious hackers tend to confine their activities to breaking into the software with the largest installed base. This reasoning is applied to defend Windows and Windows applications. Windows dominates the desktop; therefore Windows and Windows applications are the focus of the most attacks, which is why you don't see viruses, worms and Trojans for Linux. While this may be true, at least in part, the intentional implication is not necessarily true: That Linux and Linux applications are no more secure than Windows and Windows applications, but Linux is simply too trifling a target to bother attacking.

This reasoning backfires when one considers that Apache is by far the most popular web server software on the Internet. According to the September 2004 Netcraft web site survey, [1] 68% of web sites run the Apache web server. Only 21% of web sites run Microsoft IIS. If security problems boil down to the simple fact that malicious hackers target the largest installed base, it follows that we should see more worms, viruses, and other malware targeting Apache and the underlying operating systems for Apache than for Windows and IIS. Furthermore, we should see more successful attacks against Apache than against IIS, since the implication of the myth is that the problem is one of numbers, not vulnerabilities.

Yet this is precisely the opposite of what we find, historically. IIS has long been the primary target for worms and other attacks, and these attacks have been largely successful. The Code Red worm that exploited a buffer overrun in an IIS service to gain control of the web servers infected some 300,000 servers, and the number of infections only stopped because the worm was deliberately written to stop spreading. Code Red.A had an even faster rate of infection, although it too self-terminated after three weeks. Another worm, IISWorm, had a limited impact only because the worm was badly written, not because IIS successfully protected itself.

Yes, worms for Apache have been known to exist, such as the Slapper worm. (Slapper actually exploited a known vulnerability in OpenSSL, not Apache). But Apache worms rarely make headlines because they have such a limited range of effect, and are easily eradicated. Target sites were already plugging the known OpenSSL hole. It was also trivially easy to clean and restore infected site with a few commands, and without as much as a reboot, thanks to the modular nature of Linux and UNIX.

Perhaps this is why, according to Netcraft, 47 of the top 50 web sites with the longest running uptime (times between reboots) run Apache. [2] None of the top 50 web sites runs Windows or Microsoft IIS. So if it is true that malicious hackers attack the most numerous software platforms, that raises the question as to why hackers are so successful at breaking into the most popular desktop software and operating system, infect 300,000 IIS servers, but are unable to do similar damage to the most popular web server and its operating systems?

Astute observers who examine the Netcraft web site URL will note that all 50 servers in the Netcraft uptime list are running a form of BSD, mostly BSD/OS. None of them are running Windows, and none of them are running Linux. The longest uptime in the top 50 is 1,768 consecutive days, or almost 5 years.

This appears to make BSD look superior to all operating systems in terms of reliability, but the Netcraft information is unintentionally misleading. Netcraft monitors the uptime of operating systems based on how those operating systems keep track of uptime. Linux, Solaris, HP-UX, and some versions of FreeBSD only record up to 497 days of uptime, after which their uptime counters are reset to zero and start again. So all web sites based on machines running Linux, Solaris, HP-UX and in some cases FreeBSD "appear" to reboot every 497 days even if they run for years. The Netcraft survey can never record a longer uptime than 497 days for any of these operating systems, even if they have been running for years without a reboot, which is why they never appear in the top 50.

That may explain why it is impossible for Linux, Solaris and HP-UX to show up with as impressive numbers of consecutive days of uptime as BSD -- even if these operating systems actually run for years without a reboot. But it does notexplain why Windows is nowhere to be found in the top 50 list. Windows does not reset its uptime counter. Obviously, no Windows-based web site has been able to run long enough without rebooting to rank among the top 50 for uptime.

Given the 497-rollover quirk, it is difficult to compare Linux uptimes vs. Windows uptimes from publicly available Netcraft data. Two data points are statistically insignificant, but they are somewhat telling, given that one of them concerns the Microsoft website. As of September 2004, the average uptime of the Windows web servers that run Microsoft's own web site (www.microsoft.com) is roughly 59 days. The maximum uptime for Windows Server 2003 at the same site is 111 days, and the minimum is 5 days. Compare this to www.linux.com (a sample site that runs on Linux), which has had both an average and maximum uptime of 348 days. Since the average uptime is exactly equal to the maximum uptime, either these servers reached 497 days of uptime and reset to zero 348 days ago, or these servers were first put on-line or rebooted 348 days ago.

The bottom line is that quality, not quantity, is the determining factor when evaluating the number of successful attacks against software.


页首
 用户资料  
 
2 楼 
 文章标题 :
帖子发表于 : 2008-02-19 12:01 

注册: 2007-04-22 13:14
帖子: 328
送出感谢: 0 次
接收感谢: 2
1.任何操作系统和软件都是有瑕疵,有漏洞的,真正的黑客利用的正是这一点
2.单纯的软件防黑不安全,所以才有硬件防火墙,甚至处理器内建指令来防黑
3.微软的网站用的就是windows server
4.美国国防部主机都被入侵过
5.计算机安全还包括数据安全加密


页首
 用户资料  
 
3 楼 
 文章标题 :
帖子发表于 : 2008-02-19 18:31 

注册: 2006-02-14 9:52
帖子: 178
地址: 西双版纳
送出感谢: 0 次
接收感谢: 0 次
kangtian 写道:
1.任何操作系统和软件都是有瑕疵,有漏洞的,真正的黑客利用的正是这一点
2.单纯的软件防黑不安全,所以才有硬件防火墙,甚至处理器内建指令来防黑
3.微软的网站用的就是windows server
4.美国国防部主机都被入侵过
5.计算机安全还包括数据安全加密


当然每个操作系统和软件都是有瑕疵,有漏洞的,但要看程度和性质。微软肯定会硬着头皮用Windows,否则它很尴尬!
不过不是很明白你要说的意思。你想说Linux一样会遭到病毒的袭击吗?还是想说Linux服务器同样遭到病毒?


页首
 用户资料  
 
4 楼 
 文章标题 :
帖子发表于 : 2008-02-19 19:33 
头像

注册: 2007-05-06 8:19
帖子: 7433
送出感谢: 0 次
接收感谢: 4
3楼的,很不幸我就遭遇了一回;

那是俺刚到现在这个公司,出于各种原因,就把红帽支起来了...
没几天,就发现上网的机器会越来越慢,重启会好,但是很快就会变得极慢,查,查出“摩菲”,可是慢得现象还是有,把红帽停了,嘿,正常了嘿。
然后就查,这一看不要紧,也不知道谁给加了个用户。利马删除之,再查,发现很多文件给加了“i”属性,呵呵,知道不好,就用备份恢复,可是刚恢复没一会,再看,文件又变。正好有杀毒软件,一杀,好么,带毒得文件多了,好在可以杀,杀完怕不保险,又用备份恢复了一下,再杀,没了。
不知道是有病毒感染了还是有人攻击,呵呵,开机器就传走信息,这个看代码就看得出,给www.cert.org.cn报告,也没人理。可惜的是没留个样本,否则一定发给你,呵呵。那家伙的mail也忘记留。
这个可是俺的红帽头一个过夜,就...就中了招!呵呵,太幸运了吧?
现在呢?配置iptables了以后,一直没事。


页首
 用户资料  
 
5 楼 
 文章标题 :
帖子发表于 : 2008-02-25 13:38 

注册: 2006-07-21 9:18
帖子: 65
送出感谢: 0 次
接收感谢: 0 次
很有意思
......

冲浪板 写道:
3楼的,很不幸我就遭遇了一回;

那是俺刚到现在这个公司,出于各种原因,就把红帽支起来了...
没几天,就发现上网的机器会越来越慢,重启会好,但是很快就会变得极慢,查,查出“摩菲”,可是慢得现象还是有,把红帽停了,嘿,正常了嘿。
然后就查,这一看不要紧,也不知道谁给加了个用户。利马删除之,再查,发现很多文件给加了“i”属性,呵呵,知道不好,就用备份恢复,可是刚恢复没一会,再看,文件又变。正好有杀毒软件,一杀,好么,带毒得文件多了,好在可以杀,杀完怕不保险,又用备份恢复了一下,再杀,没了。
不知道是有病毒感染了还是有人攻击,呵呵,开机器就传走信息,这个看代码就看得出,给www.cert.org.cn报告,也没人理。可惜的是没留个样本,否则一定发给你,呵呵。那家伙的mail也忘记留。
这个可是俺的红帽头一个过夜,就...就中了招!呵呵,太幸运了吧?
现在呢?配置iptables了以后,一直没事。


页首
 用户资料  
 
6 楼 
 文章标题 :
帖子发表于 : 2008-02-25 13:42 
头像

注册: 2006-10-25 18:10
帖子: 2677
地址: 长沙
送出感谢: 0 次
接收感谢: 0 次
就拿最近的一次漏洞来说吧,等到内核更新几天后,才在网上爆出漏洞新闻。Windows 与其相比真是差的天远。


_________________
你是自由的。别人也是。


页首
 用户资料  
 
7 楼 
 文章标题 :
帖子发表于 : 2008-02-25 13:52 
头像

注册: 2008-01-01 17:25
帖子: 665
地址: 深圳
送出感谢: 0 次
接收感谢: 0 次
不要迷信存在任何一个不会被击倒的系统。


无论使用任何一个系统,必要的安全措施还是要做的。

第一步就是物理的安全,其次就是系统、软件等等的安全


需要措施的多少,措施的有效性,不幸中招之后的恢复,这些差异性,才是linux和windows的差别


页首
 用户资料  
 
8 楼 
 文章标题 :
帖子发表于 : 2008-02-25 13:54 
头像

注册: 2006-12-23 13:46
帖子: 9203
地址: Azores Islands
送出感谢: 0 次
接收感谢: 1
1linux 与生俱来的权限机制,的确让病毒很难在本地机器发作
2 linux生于互联网,发展于互联网,命中注定linux先天就是相比较而言安全的。
3依赖问题,我们自己手动安装某个软件都感觉很困难,更别提自动传播和自动安装的软件了。

尽管如此,良好的linux使用习惯仍然是必要的。


_________________
no security measure is worth anything if an attacker has physical access to the machine


页首
 用户资料  
 
9 楼 
 文章标题 :
帖子发表于 : 2008-02-25 14:42 
头像

注册: 2006-12-23 13:46
帖子: 9203
地址: Azores Islands
送出感谢: 0 次
接收感谢: 1
“linux当前用户少所以病毒少” 这样的论点是站不住脚的


要点如下:

168% of web sites run the Apache web server. Only 21% of web sites run Microsoft IIS


68% 的网站 采用 Apache . 只有 21% 的网站采用 Microsoft IIS.
  实际的情况是:采用 Microsoft IIS的服务器更易受攻击,病毒也更多。 

2None of the top 50 web sites runs Windows or Microsoft IIS

最顶级的50个网站没有一个采用windows或iis做为服务器的。



As of September 2004, the average uptime of the Windows web servers that run Microsoft's own web site (www.microsoft.com) is roughly 59 days. The maximum uptime for Windows Server 2003 at the same site is 111 days, and the minimum is 5 days. Compare this to www.linux.com (a sample site that runs on Linux), which has had both an average and maximum uptime of 348 days. Since the average uptime is exactly equal to the maximum uptime, either these servers reached 497 days of uptime and reset to zero 348 days ago, or these servers were first put on-line or rebooted 348 days ago.


不关机稳定运行时间来看,linux的优势也很明显。


_________________
no security measure is worth anything if an attacker has physical access to the machine


页首
 用户资料  
 
10 楼 
 文章标题 :
帖子发表于 : 2008-02-28 18:37 

注册: 2006-02-14 9:52
帖子: 178
地址: 西双版纳
送出感谢: 0 次
接收感谢: 0 次
zhihuasz 写道:
不要迷信存在任何一个不会被击倒的系统。


无论使用任何一个系统,必要的安全措施还是要做的。

第一步就是物理的安全,其次就是系统、软件等等的安全


需要措施的多少,措施的有效性,不幸中招之后的恢复,这些差异性,才是linux和windows的差别


你的文不对题,这里讨论的是:“Linux病毒少是否因为其用户少”,而不是“Linux是否会被击倒”。


页首
 用户资料  
 
11 楼 
 文章标题 :
帖子发表于 : 2008-02-28 18:38 

注册: 2006-02-14 9:52
帖子: 178
地址: 西双版纳
送出感谢: 0 次
接收感谢: 0 次
skyx,谢谢你的注释。


页首
 用户资料  
 
12 楼 
 文章标题 :
帖子发表于 : 2008-02-28 21:31 
头像

注册: 2007-07-29 16:47
帖子: 3741
地址: 地精魔法学院
送出感谢: 0 次
接收感谢: 1
cnbiz850 写道:
zhihuasz 写道:
不要迷信存在任何一个不会被击倒的系统。


无论使用任何一个系统,必要的安全措施还是要做的。

第一步就是物理的安全,其次就是系统、软件等等的安全


需要措施的多少,措施的有效性,不幸中招之后的恢复,这些差异性,才是linux和windows的差别


你的文不对题,这里讨论的是:“Linux病毒少是否因为其用户少”,而不是“Linux是否会被攻击”。


_________________
哪个神经病把爷发的搞笑贴给删了?囗囗囗囗 u
http://bbs.game.mop.com/attachments/mon ... OtUwom.jpg
http://www.tudou.com/programs/view/SozxT2gh7Ow/


页首
 用户资料  
 
13 楼 
 文章标题 :
帖子发表于 : 2008-04-15 18:42 
头像

注册: 2007-06-15 10:12
帖子: 66
送出感谢: 0 次
接收感谢: 0 次
如果设置的够好,我认为unix系列还是更安全的,毕竟都用了那么多年了


_________________
我之理想,无非是有朝一日,打过海峡,然后站在Sun Moon Lake(日月潭)中的小岛上,对着湖水,尽情的撒尿。当然,这恐怕会是我一生的理想了。


页首
 用户资料  
 
14 楼 
 文章标题 :
帖子发表于 : 2008-05-04 13:49 
头像

注册: 2007-05-12 22:48
帖子: 1344
送出感谢: 0 次
接收感谢: 0 次
系统最大的弱点在用户,如果用户被骗再好的系统也白搭。
破不了门就骗钥匙,哈哈


页首
 用户资料  
 
15 楼 
 文章标题 :
帖子发表于 : 2008-05-05 10:02 

注册: 2008-03-22 23:28
帖子: 5
地址: 江苏南京
送出感谢: 0 次
接收感谢: 0 次
LZ的观点只是意淫而已,天底下没有攻不破的系统,只是因为linux用户少,所以才没人去研究


_________________
身在L营心在W


页首
 用户资料  
 
显示帖子 :  排序  
发表新帖 回复这个主题  [ 34 篇帖子 ]  前往页数 1, 2, 3  下一页

当前时区为 UTC + 8 小时


在线用户

正在浏览此版面的用户:没有注册用户 和 2 位游客


不能 在这个版面发表主题
不能 在这个版面回复主题
不能 在这个版面编辑帖子
不能 在这个版面删除帖子
不能 在这个版面提交附件

前往 :  
本站点为公益性站点,用于推广开源自由软件,由 DiaHosting VPSBudgetVM VPS 提供服务。
我们认为:软件应可免费取得,软件工具在各种语言环境下皆可使用,且不会有任何功能上的差异;
人们应有定制和修改软件的自由,且方式不受限制,只要他们自认为合适。

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
简体中文语系由 王笑宇 翻译