Hackers are increasingly targeting non-Windows servers
vnunet.com, 05 Jun 2003
Security analyst mi2g has released research claiming that hack attacks against Linux are exploding, while attacks on Windows-based servers are dropping off.
May saw the highest number of attacks ever, according to mi2g, with 19,208 successful breaches worldwide recorded against Linux based systems.
Just 3,801 breaches were recorded against Windows, with other operating systems suffering from 2,275 attacks.
The US and UK were among the most attacked countries, partially as a result of the war with Iraq.
During the heat of the Slapper worm epidemic in January, Windows was accounting for 53 per cent of attacks, with Linux soaking up 34 per cent.
Data gathered by web defacement archive Zone-H over recent months also shows the line between Linux- and Windows-based web server defacements blurring to a point where it is hard to tell which is being hit harder.
DK Matai, executive chairman at mi2g, suggested that that there are three reasons for the recent increase in successful attacks against Linux.
First is configuration management. "As automatic attack tools scanning for vulnerabilities become ubiquitous, the online system security is heavily dependent on settings and when the last patch was applied," he said, citing out-of-the-box and un-patched installations.
Next up is the lack of a coherent trustworthy computing initiative such as that run by Microsoft.
Owing to the nature of open source there is no single point of reference for information about the dos and don'ts of online server management and security, according to Matai.
The third issue focuses on common misconceptions about the Linux operating system, which is being increasingly selected by companies and government agencies to cut costs.
Matai warned that the "cost-effective choice" of non-proprietary software does not stand up to scrutiny if there is inadequate technical experience deployed in protecting the systems, and if training costs are not factored in at the start.
"There are plenty of instances where the administrator assumes that just because they are running open source they are somehow going to be more secure," he said.
Get the latest news, views and technology updates in a weekly round up of the Penguin's unstoppable march by signing up to vnunet.com's FREE Linux newsletter here.
Suggestion that hackers control three million servers is 'nonsense'
Remote access - Three steps to getting connected
3.4 million UK professionals now work from home – is your company equipped?
Cost benefits of a global collaboration network
This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
We chat to Mike Maddison, UK head of Security, Privacy...
Update designed to give mobile users a richer, more personalised...
More thoughts on how servers can help manage overload
Do you agree?
Have your say on this article