Vista is more secure then OSX and Linux and XP

mayorredbeard said:
Check it out:

http://gizmodo.com/348437/microsoft-says-vista-more-secure-than-xp-osx-and-linux

Logic makes sense here. The argument that, "Ya but this all depends on how many people are trying to exploit each system", doesn't really hold any water since more than likely the majority of malevolent hackers are targeting Vista.

I still don't believe its more secure than linux though.
Click to expand...
The majority of Linux is open source... why wouldn't it be unsecure. This is why apache isn't really used as a webserver for any major website.

In the end: Everything is insecure, that is why the best security is a layered approach.
 
I like to think of Vista as a hateful OS it hides files, locks you out and doesn't like certain programs. lol
 
Haha. Linux although open-source is secure, due to the lack of a wide user-base. Not to mention the fact that most Linux-users are computer-proficient, knowing what is safe and what is not. Thusly preventing any bad outbreak of a Linux virus.
 
colorblindjimbo said:
The majority of Linux is open source... why wouldn't it be unsecure. This is why apache isn't really used as a webserver for any major website.

In the end: Everything is insecure, that is why the best security is a layered approach.
Click to expand...

The vast majority of websites are apache.

Infact lets compare the worlds top 20 sites and see what webservers they use.

Google.com - Google httpd 1.3 (Modified Apache)
Yahoo.com - Didn't properly respond.
Myspace.com - IIS 6.0
Youtube.com - Apache 2.x
Facebook.com - Apache 1.3.37
live.com - IIS 6.0 (Duh, microsoft's server, even though they ran AIX on some servers)
wikipedia.org - Apache 2.x
msn.com - IIS 6.0 (Once again, microsofts servers)
craigslist.com ??? (Not IIS)
megarotic.com - Apache 2.x
aol.com - AOLserver/4.0.10 ???
amazon.com - ??? (Not IIS)
blogger.com - GFE/1.3 ??? (Apache)
megaupload.com - Apache 2.x
go.com - Apache 2.x
imdb.com
photobucket.com - Apache 2.x
cnn.com - Apache 2.x
Microsoft.com - IIS 7.0


Also, these sites are running apache

computerforums.org :D
cisco.com
tdcanadatrust.com (My Bank)
 
mayorredbeard said:
Haha. Linux although open-source is secure, due to the lack of a wide user-base. Not to mention the fact that most Linux-users are computer-proficient, knowing what is safe and what is not. Thusly preventing any bad outbreak of a Linux virus.
Click to expand...
So you're saying that a secure OS is defined by how many people are using it? So, DOS is more secure than Linux? I don't agree with that train of thought.


@ DJ-CHRIS

I was wrong about the amount of sites using APACHE. Although the information you gathered about what webserver is being run on those servers is a testimate to how unsecure alot of sites are. If I know what webserver you are running, the better chance I have at successfully attacking/exploiting your website.

We're taught in INFOSEC to disguise as much as possible about your services as possible.
 
colorblindjimbo said:
I was wrong about the amount of sites using APACHE. Although the information you gathered about what webserver is being run on those servers is a testimate to how unsecure alot of sites are. If I know what webserver you are running, the better chance I have at successfully attacking/exploiting your website.

We're taught in INFOSEC to disguise as much as possible about your services as possible.
Click to expand...

Disguising what webserver you are running is very hard. Infact I don't think you can even disguise an IIS webserver at all as well. Apache servers you can change the server identifier, due to them being open source. Closed source IIS, no way (That I know of). These sites are also some of the worlds most secure sites in the world, you can even pull the server identified off of the NSA.GOV website (And it runs IIS 6.0).

Trying to hide what your webserver is running doesn't really work. Aside from a few of the worlds most popular websites, a huge chunk of 95% will be running IIS 6.0, Apache 1.3.X or Apache 2.X (With a few with IIS 5 / 7 and a few other weird webservers)

_-..zKiLLA..-_ said:
hey DJ-Chris whered u find that out??
Click to expand...

This information was mainly gained by use of a program called "ID Serve" and if webservers were stubborn, nmap :D

Just connecting to a webserver on port 80 and sending an HTTP GET request, cf answered like this (Using "ID Serve")

HTTP/1.1 200 OK
Date: Fri, 25 Jan 2008 02:47:39 GMT
Server: Apache/2.2.4 (Win32) PHP/5.2.1
X-Powered-By: PHP/5.2.1
Set-Cookie: bblastvisit=1201229259; expires=Sat, 24-Jan-2009 02:47:39 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Sat, 24-Jan-2009 02:47:39 GMT; path=/
Expires: 0
Cache-Control: private, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

Or this is microsoft's webpage after sending a "GET /HTTP/1.1" using telnet

telnet microsoft.com 80
Trying 207.46.232.182...
Connected to microsoft.com.
Escape character is '^]'.
GET /HTTP/1.1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Jan 2008 03:13:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
level: t12
Location: http://www.microsoft.com/HTTP/1.1
Content-Length: 31
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCDTDTTS=LIOFPPJADOEHAHJKCACNOEKN; path=/
Cache-control: private

redmond\<!--TOOLBAR_EXEMPT-->
Connection closed by foreign host.
 
You must log in or register to reply here.

Similar threads

W
Covert Communication via modulated Ultrasonic Acoustic Pressure Waves
Replies
0
Views
1K
WhiteHatX74
W
MadmanRB
Vista's end of life and what to do about it
2 3
Replies
25
Views
4K
carnageX
carnageX
S
Short Tutorial: Introduction to Linux.
Replies
0
Views
3K
Spud1200
S
S
Setting up OpenVPN and PIA on Linux Mint 18 Sara.
Replies
0
Views
5K
Spud1200
S
iParanormalx
High-end laptop
2
Replies
13
Views
4K
PP Mguire
PP Mguire
Back
Top Bottom