falk0n

Exploits

21 posts in this topic

Im doing a project for school and i have to find out what has more exploits/what is harder to secure Linux or Windows. Can anyone help me with this?

0

Share this post


Link to post
Share on other sites
Im doing a project for school and i have to find out what has more exploits/what is harder to secure Linux or Windows. Can anyone help me with this?

Hands down, no argument, without a doubt, Windows has more security vulenerabilities.

-Dr^ZigMan

0

Share this post


Link to post
Share on other sites

It's not necessarily that Windows is more insecure than Linux, they both have their fair share of vulnerabilities. Linux however is much easier to secure, and the average Linux user is far more knowledgeable than the average Windows loser errrr user. However, it is probably true that a more of Windows flaws are critical than the flaws in Linux.

0

Share this post


Link to post
Share on other sites

Microsoft exploit code tends to be more complex. But I'm a UNIX guy and it looks like nonsense to me. I guess a person who has programmed in a Windows environment would be more adept at reading the code. I haven't really played with Windows since 95.

A Windows box is probably easier to break judging by all the press coverage and average user intelligence. However, intrusions on both ends are usually the result of an inexperience or carelessness.

0

Share this post


Link to post
Share on other sites

This is such a hard thing to compare and put on paper. Linux is nothing more than the kernel. There are tons of "Linux distrubutions", and only a handful of "Windows". For example, if Debian releases there latest distro, and it's found that they released a vulnerable version of "mutt" (email client). What catagory does that go in? A "Debian" security problem? Sure. Expecially if "mutt" is install by default. I'd call it a "mutt" problem. However, what ends up happening is anaylist write it up as a "linux security problem". Its just another "security problem" related to "Linux". That's not exactly fair, as Slackware, Gentoo, Redhate (*cough*) Redhat might not have the same problem.

So, on paper - you see, "oh Linux has _many, many_ vulnerablities as compared to Windows". With Windows, if the security problems are with the base system, we call it a "Windows security problem" . If Winzip has a security flaw, we don't add that to the "Windows security vuln. list" - we call it a "Winzip flaw".

That's fair. Windows doesnt installed Winzip by default.

To do it "fair", you have to pit various flavors of Linux and Windows - not just "Linux verses Windows".

To add up all the vuln. with the various Linux flavors as "general linux flaws", isnt exactly fair.

After all, that "mutt" problem might be the same under FreeBSD as it is with Linux. Besides that, is just another religous war of comparions (Windows verses Linux, Mac verses Windows, etc). Clearly,

nobody ever really "wins". Numbers get bent by both sides all the time.

0

Share this post


Link to post
Share on other sites
Im doing a project for school and i have to find out what has more exploits/what is harder to secure Linux or Windows. Can anyone help me with this?

Hands down, no argument, without a doubt, Windows has more security vulenerabilities.

-Dr^ZigMan

Actually in the past this was very true. If you go by CERT (or any other big vendor who tracks vulns) numbers, Linux has been surpassing Windows in vulnerabilities in the past year or two. Looking at this link which tracked Sept 21-27 2005, Windows has 7 vulns whereas Linux/UNIX has well over 40. This is a staggering number since it covers only one calendar week. This is actually a very growing trend these days with more and more vulnerabilities being found in Linux than in Windows that are publically released. The true difference is that most of the Linux vulns found are fixed in days or weeks whereas almost any Win32 vuln is fixed either on the current month's "Super Tuesday" patch release or within a few months.

0

Share this post


Link to post
Share on other sites

So even though windows has less vulnerabilites they take longer to be fixed. and Linux has a variety of them but are fixed asap. (not trying to make it sound like linux is filled with virii but thye have 40 to windows 4 you said) thanks for the info keep bringing it if you can all this helps.

0

Share this post


Link to post
Share on other sites
Actually in the past this was very true.  If you go by CERT (or any other big vendor who tracks vulns) numbers, Linux has been surpassing Windows in vulnerabilities in the past year or two.  Looking at this link which tracked Sept 21-27 2005, Windows has 7 vulns whereas Linux/UNIX has well over 40.  This is a staggering number since it covers only one calendar week.  This is actually a very growing trend these days with more and more vulnerabilities being found in Linux than in Windows that are publically released.  The true difference is that most of the Linux vulns found are fixed in days or weeks whereas almost any Win32 vuln is fixed either on the current month's "Super Tuesday" patch release or within a few months.

Challange! :)

I would venture to say that most of the linux errors though aren't the same broadranging sweeping vuln's that are found for windows. Also are you saying kernel only vuln's? Or are we talking sendmail, apache etc etc? If your going to walk down that road then you should include every other piece of software that runs on windows.

Further, most of the vuln's on linux REQUIRE that someone be set up inproperly, i.e. if the person who set everything up sucked balls then there could be a very bad vuln opened up. But for the most part as far as broad reaching vuln's I think windows certainly has linux beat. Another thing to consider is that people actually report and publicize linux vuln's but don't say anything bad about windows or cisco, I mean it's not like they can slap you with an injunction and a gag order! Oh wait...

Long story short. I think if you put two systems side by side, one a windows computer running "standard" serves, one a linux system using my personal favorite slackware, you'd find the windows version acting as a zombie for some spammer's botnet way before your linux system ever had to reboot. That's just my two cents though :)

-Dr^ZigMan

0

Share this post


Link to post
Share on other sites

You are quite correct Mr^ZigMan. Most of the issues are app-related, not for the kernel. And if you start looking further, almost all of them are vendor-specific. The only broad sweeping vulns app-wise on Linux are for things like GAIM and the occassional problem with SSH.

But for sake of what the parent is looking for, evidence is starting to prove that Linux is seeming more vulnerable than Windows these days. Yes, most of it is due to user error but honestly, isn't that what most of Win32 vulns are as well?

0

Share this post


Link to post
Share on other sites
But for sake of what the parent is looking for, evidence is starting to prove that Linux is seeming more vulnerable than Windows these days.  Yes, most of it is due to user error but honestly, isn't that what most of Win32 vulns are as well?

Ahhh, an excellent retort! I suppose if you were to put together two "averge" users one with linux and one with windows the windows box would be easier to defend against the "general" population. However if you put together two "network adminstrators" and one linux one windows, the potential to have better security exists in linux. It all depends on your referance frame then I suppose.

-Dr^ZigMan

ps How about that spell checking plugin while I'm at it? :)

0

Share this post


Link to post
Share on other sites

Probably one of the reasons that so many exploits are found for Linux and Unix, is that they are open source. If Windows was open source, then there would probably overwhelming amounts of exploits every day. The exploits that are found in windows are almost always in proprietary applicatons, or in the proprietary kernel or operating system. UNIX is also much simpler, you can get some /bin/sh shellcode working, just by calling execve. In windows, shellcode writing is a lot tougher, and you can't just call execve. Windows does not use interupts, therefore there is a lot of code going into a simple system call. There is also a lot of diversity in the different linux and unix distributions, and a lot of them. Today the only things you see are Windows 2000 and Windows XP, and *maybe* Windows 95 for some home user.

Another thing, many linux programmers cannot drink. Debian was at one point going to be bought out by a company (cheers to that not happening) and one of the things the company said was that you can't have anyone working on this that is under 18, and something like 50% of them were under 18. And these guys are not professional programmers, they still do make mistakes (not as many as windows does :P ). I have heard that in some places in the linux kernel there are comments that say something along the lines of," /* I don't really know that this should be here, but it's working allright, and I don't want to screw it up, so I'm going to leave it */."

There is also the legality problem. If you make an exploit for linux, they'll just ask you if you could maybe write a patch, and tell everyone "We screwed up, heres the patch." But if you find a vulnerability for windows, they'll tell you to stfu untill we have the patch released, and most systems have been patched. Zotob was exploiting a vulnerability that was patched a day before the worm was released. Windows now knows that something like that will be very shitty, so they'll be harsher on legal action for exploits that are released after the people who wrote it were told to stfu.

Also, exploiting linux / unix is just more fun, there are more things to play around with, ELF is a really cool object file format, and so on. And the people who write exploits are generaly computer savy people, who know that windows sucks, and who generaly avoid it.

I could keep going on and on, but I'll leave it at that.

0

Share this post


Link to post
Share on other sites

I agree with what Zigman's been saying. Just a thought though... Isn't Linux simply more secure because less people are writing exploits for it? I mean, most virii, trojans, etc., are written to be sent at companies and average users, so they write them for Windows. If everyone used Linux, there'd be more virii etc., for it, because the usual suspects would start writing them.

Just a thought, anyway :)

0

Share this post


Link to post
Share on other sites
I agree with what Zigman's been saying. Just a thought though... Isn't Linux simply more secure because less people are writing exploits for it? I mean, most virii, trojans, etc., are written to be sent at companies and average users, so they write them for Windows. If everyone used Linux, there'd be more virii etc., for it, because the usual suspects would start writing them.

Just a thought, anyway  :)

You're half right actually. Right now, there is a movement in the underground where people are beginning to write more and more exploits for Linux. This is very much evidenced by looking at milw0rm's database of PoCs, FrSIRT's PoC database and some others. As I stated to Zig, Linux has almost a 2:1 ratio of vulnerabilities these days. Why? Because Linux is becoming a lot more commonplace than as early as two years ago.

Just reading over vulnerability mailing lists and security lists, you'll see a lot of people aiming things at Linux. This is going to be a continuing trend I think and I really think that it's going to pick up exponentially in the 18 months.

0

Share this post


Link to post
Share on other sites
This is such a hard thing to compare and put on paper.    Linux is nothing more than ...

nobody ever really "wins".    Numbers get bent by both sides all the time.

I couldn't have said it better myself. This has annoyed me for a long time. Unfortunately it will never change.

0

Share this post


Link to post
Share on other sites

So ok, if one were to cut out all the side application vulnerabilities and focus just on the operating system it self, no services running on the host. Who would win hands down and why?

0

Share this post


Link to post
Share on other sites

Like most people say, the vulnerabilities found in GNU/Linux are more of application problems than Operating System problems. These problems can be found in poor configuration of one's servers and the like. But to be honest, i do not know which kernel is more secure, i'm not a security expert. Either way, both operating systems can't touch OpenBSD. If you're worried about security and are paranoid, i advise you look into OpenBSD.

0

Share this post


Link to post
Share on other sites

If you take a recent Windows system with a *good* Windows administrator, and then take a recent Linux system with a *good* Linux administrator then I don't personally think there would be much between them. The major difference here is that the Linux box starts out a lot more secure than the Windows box does. This depends a lot on which version of Windows you use, and on which distro of Linux you use. Something like SELinux is probably going to be a lot more secure than Redhat, in much the same way that Win2K is much more secure than WinME. (Those two chosen since they are about the same age as each other).

Also, because Windows is the majority desktop system, this means that people deliberatly attempt to exploit it a lot more than they do Linux systems. Also, because it's the majority desktop system it gets a lot more press than Linux does when critical security flaws are discovered.

On top of all this, I'd still always pick a Linux box for servers over a Windows box every time, various reasons.

0

Share this post


Link to post
Share on other sites

In regards to linux having the vast percentage of exploits being writen for it, you have to regard the fact that a great deal more people are writing exploits these days. In comparison to say 5 years ago the amount of people able to code a 0day or simply modify existing code to hop over a patch or the like has undoubtibly doubled at the least. Comming from someone who is starting to code exploits and review exploit code, I would much rather learn on linux than on windows. Windows can be a pain to own, you can't easily use a majority of the functions from a command prompt and honestly who would like to MSTS into a box they just owned while going through persay TOR and a proxy /etc.

The only reason there are more exploits for linux and unix is because its a more robust feature filled operating system, and its easier to make the call to /bin/sh. I would wager that almost everyone on this forum that codes exploits or is learning to started and most likely mainly writes them for linux/unix.

0

Share this post


Link to post
Share on other sites

windows has plenty more holes, the problem is, people who know what they are doing can't see the source, so when a bad guy finds it, THEN it's public, and exploited, with linux, anyone can look at the source, as well as with almost all the software, and when they find a problem, they usually report it, and it's fixed

0

Share this post


Link to post
Share on other sites
windows has plenty more holes, the problem is, people who know what they are doing can't see the source, so when a bad guy finds it, THEN it's public, and exploited, with linux, anyone can look at the source, as well as with almost all the software, and when they find a problem, they usually report it, and it's fixed

not to mention that Microsoft and other big companies use the courts to silence you if you find out a bug/exploit. So there are probably loads of exploits that just haven't been publicised properly yet.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now