Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Linux fights off hackers

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Linux fights off hackers
Date: Tue, 18 Jan 2005 05:38:00 -0600 (CST) 
http://www.vnunet.com/news/1160588

Iain Thomson
vnunet.com 
17 Jan 2005

Linux systems are getting tougher for hackers to crack, security
experts have reported today.

A study by not-for-profit IT security testing organisation Honeynet
Project [1] has shown that, on average, Linux systems today take three
months to fall prey to hackers, up from 72 hours in equivalent tests
conducted between 2001 and 2002.

The 2004 results came after a team of researchers set up 19 Linux and
four Solaris 'honeypots' in eight countries including the UK.  
Honeypots are unpatched internet-connected computers designed to be
targets for hackers.

"Default installations of Linux distributions are getting harder to
compromise," said the report.

"New versions are more secure by default, with fewer services
automatically enabled, privileged separation in services such as
OpenSSH, host-based firewalls filtering inbound connections, stack
protection for common threats and other security mechanisms."

During the tests only four Linux honeypots were compromised (three
running Red Hat 7.3 and one with Red Hat 9). Two of those systems were
broken by brute force password attacks rather than by operating system
vulnerabilities.

By contrast unpatched Windows systems exposed in a similar way in
tests last year by Symantec lasted a few hours, or in some cases
minutes.

But there was bad news for Solaris users, with three out of the four
honeypots running Solaris 8 or 9 hacked within three weeks. However, a
fourth has been online for six months without being compromised.

[1] http://project.honeynet.org/



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - 
http://www.osvdb.org/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Linux fights off hackers, InfoSec News <=
Previous by Date:  [ISN] Canadian lawsuit raises messaging privacy issue, InfoSec News
Next by Date:  [ISN] Microsoft to become security outfit by next month, InfoSec News
Previous by Thread:  [ISN] Canadian lawsuit raises messaging privacy issue, InfoSec News
Next by Thread:  [ISN] Microsoft to become security outfit by next month, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]