|
我愛小紅獅 AV Expert
小紅獅親衛隊隊長 - 帖子
- 4887
- 精華
- 18
- 威望
- 30320
- 黃金
- 3518
- 來自
- 台灣台北
- 註冊時間
- 2006-12-22
|
1#
大 中
小 發表於 2008-2-29 01:25 只看該作者
Linux/MAC病毒攻擊較少於Windows是因為用戶數量比較少?
大家看看吧,順便修正一下自己的觀念 引用:Myth: There's Safety In Small Numbers
Perhaps the most oft-repeated myth regarding Windows vs. Linux securityis the claim that Windows has more incidents of viruses, worms, Trojansand other problems because malicious hackers tend to confine theiractivities to breaking into the software with the largest installedbase. This reasoning is applied to defend Windows and Windowsapplications. Windows dominates the desktop; therefore Windows andWindows applications are the focus of the most attacks, which is whyyou don't see viruses, worms and Trojans for Linux. While this may betrue, at least in part, the intentional implication is not necessarilytrue: That Linux and Linux applications are no more secure than Windowsand Windows applications, but Linux is simply too trifling a target tobother attacking.
This reasoning backfires when one considers that Apache is by farthe most popular web server software on the Internet. According to theSeptember 2004 Netcraft web site survey, [1] 68% of web sites run theApache web server. Only 21% of web sites run Microsoft IIS. If securityproblems boil down to the simple fact that malicious hackers target thelargest installed base, it follows that we should see more worms,viruses, and other malware targeting Apache and the underlyingoperating systems for Apache than for Windows and IIS. Furthermore, weshould see more successful attacks against Apache than against IIS,since the implication of the myth is that the problem is one ofnumbers, not vulnerabilities.
Yet this is precisely the opposite of what we find, historically.IIS has long been the primary target for worms and other attacks, andthese attacks have been largely successful. The Code Red worm thatexploited a buffer overrun in an IIS service to gain control of the webservers infected some 300,000 servers, and the number of infectionsonly stopped because the worm was deliberately written to stopspreading. Code Red.A had an even faster rate of infection, although ittoo self-terminated after three weeks. Another worm, IISWorm, had alimited impact only because the worm was badly written, not because IISsuccessfully protected itself.
Yes, worms for Apache have been known to exist, such as the Slapperworm. (Slapper actually exploited a known vulnerability in OpenSSL, notApache). But Apache worms rarely make headlines because they have sucha limited range of effect, and are easily eradicated. Target sites werealready plugging the known OpenSSL hole. It was also trivially easy toclean and restore infected site with a few commands, and without asmuch as a reboot, thanks to the modular nature of Linux and UNIX.
Perhaps this is why, according to Netcraft, 47 of the top 50 websites with the longest running uptime (times between reboots) runApache. [2] None of the top 50 web sites runs Windows or Microsoft IIS.So if it is true that malicious hackers attack the most numeroussoftware platforms, that raises the question as to why hackers are sosuccessful at breaking into the most popular desktop software andoperating system, infect 300,000 IIS servers, but are unable to dosimilar damage to the most popular web server and its operatingsystems?
Astute observers who examine the Netcraft web site URL will notethat all 50 servers in the Netcraft uptime list are running a form ofBSD, mostly BSD/OS. None of them are running Windows, and none of themare running Linux. The longest uptime in the top 50 is 1,768consecutive days, or almost 5 years.
This appears to make BSD look superior to all operating systems interms of reliability, but the Netcraft information is unintentionallymisleading. Netcraft monitors the uptime of operating systems based onhow those operating systems keep track of uptime. Linux, Solaris,HP-UX, and some versions of FreeBSD only record up to 497 days ofuptime, after which their uptime counters are reset to zero and startagain. So all web sites based on machines running Linux, Solaris, HP-UXand in some cases FreeBSD "appear" to reboot every 497 days even ifthey run for years. The Netcraft survey can never record a longeruptime than 497 days for any of these operating systems, even if theyhave been running for years without a reboot, which is why they neverappear in the top 50.
That may explain why it is impossible for Linux, Solaris and HP-UXto show up with as impressive numbers of consecutive days of uptime asBSD -- even if these operating systems actually run for years without areboot. But it does notexplain why Windows is nowhere to be found inthe top 50 list. Windows does not reset its uptime counter. Obviously,no Windows-based web site has been able to run long enough withoutrebooting to rank among the top 50 for uptime.
Given the 497-rollover quirk, it is difficult to compare Linuxuptimes vs. Windows uptimes from publicly available Netcraft data. Twodata points are statistically insignificant, but they are somewhattelling, given that one of them concerns the Microsoft website. As ofSeptember 2004, the average uptime of the Windows web servers that runMicrosoft's own web site (www.microsoft.com) is roughly 59 days. Themaximum uptime for Windows Server 2003 at the same site is 111 days,and the minimum is 5 days. Compare this to www.linux.com(a sample site that runs on Linux), which has had both an average andmaximum uptime of 348 days. Since the average uptime is exactly equalto the maximum uptime, either these servers reached 497 days of uptimeand reset to zero 348 days ago, or these servers were first put on-lineor rebooted 348 days ago.
The bottom line is that quality, not quantity, is the determiningfactor when evaluating the number of successful attacks againstsoftware.
http://www.theregister.co.uk/sec ... ows_vs_linux/#myth1 搜索更多相關主題的帖子:
Windows Linux Mac
|
