[Dshield] OS Comparisons
jayjwa at atr2.ath.cx
Tue Nov 15 20:09:52 GMT 2005

Several lists back, someone was wondering if there was ever a test done of the
security of various different operating systems in their default setups. Today
while I was searching for something else, I came upon this link:

The idea of the test was to take various operating systems, set them up as
they'd be "out of the box", and then run some security scanners (Nessus, Nmap,
etc.) on them to see what shows up. It's pretty interesting, but one thing I
noticed about the systems is that some of them seem to be more heavily
disadvantaged in the tests, namely the Mac OSX and Linux systems. For example,
the Windows systems all got their SPs and had the privilege of hitting
Windowsupdate before the tests (not really what I'd call "out-of-the-box",
then). After their OS versions are listed you can see "SP1", "SP2" for
example, and the author's written "WinUpdate" after that. The Linux names show
up like this example, "Slackware 10", with no mention of other modifications.
With the Linux and Mac, he's gone into inetd.conf and enabled stuff which
would normally be disabled (for example, Slackware 10 does not come with Bind9
running or enabled) like smtp servers, RPCs (!), and even time servers for
good measure. The reasoning he gives for this is to simulate what services
would normally be running. IMO, if a system ships without certain services
running, then that IS the default, but I can understand his choice for doing

OK, so maybe it's not an entirely leveled playing-field. Still, you might like
to see how the various systems compared against each other.
/ / __ __ __ __ __ __ __ mail me for my *
/ /__ / / / \/ / / /_/ / \ \/ / * email address.
/_____/ /_/ /_/\__/ /_____/ /_/\_\ ::[ATr2 RG 2005]::
IF you have to request that people contact you via a WEBFORM
because you've blocked off virtually all smtp-sent email from
your own MTA ...You just might be guilty of DNS-RBL abuse.