December 26, 2004

Under Attack, Linux Lives Longer?

Just a few days after the release of the USA Today / Avantgarde study about how long an unprotected PC might survive on a network before experiencing a variety of un-targeted attacks, the folks at the Honeynet Project released the results of a similar study that looks at the "time to live" for various Linux distributions. The study finds that most Linux PCs are much less vulnerable to attack than PCs running Microsoft operating system products. The study suggests that a Linux PC could last up to 3 months on the Internet without being compromised.

I don't think there is any "me too" factor here. The folks over at the Honeynet Project have been doing their work and producing good results for several years. Even though these latest results were published a couple of days after the USA Today study, there are clear differences in the work.

The title of the Honeynet Project report is "Know Your Enemy - Trend Analysis". The Honeynet folks did a much more thoughtful job of looking at the various Linux distributions that were out there and talking about where the problems are. The reality seems to be that the older Linux distributions, which (1) turned on more services by default and (2) have more documented vulnerabilities simply because they have been around longer, are more vulnerable to un-targeted attacks.

An interesting note (#2) in the section of the "Know Your Enemy" (KYE) study titled "Reasons" was the rise in network-based phishing (social engineering) attacks, where the target isn't the asset (the PC) but the personal data on the PC or the personal information of the user.
