• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Study shows Mac OS X Server among most secure in world

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Macintosh

View previous topic :: View next topic  
Author Message
chris
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777201
Location: ~/security-forums

Offline

PostPosted: Sun Feb 22, 2004 6:14 pm    Post subject: Study shows Mac OS X Server among most secure in world Reply with quote

British cyber security firm mi2g recently announced the results of a study that names Mac OS X one of the most secure online server operating systems in the world, alongside the Berkeley Software Distribution (BSD) family of Open Source systems. The study also showed that Linux is currently the most-breached online server OS.

The study was conducted by mi2g's Intelligence Unit, which looked at the overall number of attacks against government and private sector online servers, as well as the percentage of successful attacks, for the month of January. Linux bore the brunt of 80 percent of the overall attacks, followed by Microsoft Windows at 12 percent and BSD and Mac OS X at 3 percent, together

The total number of successful attacks, according to mi2g, was 17,074, of which Linux accounted for 13,654, Windows 2,005, and BSD and Mac OS X 555. Looking strictly at successful attacks against government servers, Linux comprised 57 percent of those, followed by Windows at 35 percent and BSD and Mac OS X at 0 percent, which the company notes is a first for that category.

mi2g also saw a stark contrast between January's percentage of successful attacks against government servers and the situation six months ago, when Windows was at 51 percent and Linux suffered just 14 percent of the breaches. DK Matai, the company's executive chairman, noted that "the swift adoption of Linux last year within the online government and non-government server community, coupled with inadequate training and knowledge of how to keep that environment secure when running vulnerable third party applications, has contributed to a consistently higher proportion of comprised Linux servers."



Source

MacCentral Full Article
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
Mongrel
SF Mod
SF Mod


Joined: 30 May 2002
Posts: 8


Offline

PostPosted: Mon Feb 23, 2004 1:28 am    Post subject: Reply with quote

Stands to reason - *nix used to be most secure until it became
very popular. Once that happened it became targeted by default
and studied more intensely for weaknesses.

The Oooold Security by Obscurity concept.
Nothing more IMHO


Last edited by Mongrel on Mon Feb 23, 2004 2:28 am; edited 1 time in total
Back to top
View user's profile Send private message
mregg
Just Arrived
Just Arrived


Joined: 29 Jan 2004
Posts: 0


Offline

PostPosted: Mon Feb 23, 2004 1:49 am    Post subject: Reply with quote

Perhaps some linux junkies will quit telling the world how much better it is than Windows now...
Back to top
View user's profile Send private message
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Mon Feb 23, 2004 2:23 am    Post subject: Reply with quote

We linux junkies say that by virtue of the fact that the source code is open for audit by all. Unlike Microsoft's which is not. Or was not until recently Laughing
Back to top
View user's profile Send private message Visit poster's website
Tom Bair
SF Boss
SF Boss


Joined: 10 Aug 2002
Posts: 16776955
Location: Portland, Oregon USA

Offline

PostPosted: Mon Feb 23, 2004 2:46 am    Post subject: Reply with quote

This thread is seriously getting off-topic Rolling Eyes
Back to top
View user's profile Send private message Visit poster's website
shakin
Just Arrived
Just Arrived


Joined: 18 Jul 2003
Posts: 0


Offline

PostPosted: Tue Feb 24, 2004 12:05 am    Post subject: Reply with quote

mi2g doesn't define what they consider an "attack" or a "breach". If a hacker stumbles upon an unsecured phpmyadmin install, is that a breach? What about a SQL injection in the app? What about an anonymous FTP with write privs? There are lots of ways to break into a server that aren't the fault of the OS. I'm sure a boat load of wu-ftp security vulnerabilities were counted, but that hardly makes Linux less secure.
Back to top
View user's profile Send private message Send e-mail
Colonel_Panic
Just Arrived
Just Arrived


Joined: 13 May 2004
Posts: 2


Offline

PostPosted: Sat Nov 20, 2004 3:10 pm    Post subject: Re: Study shows Mac OS X Server among most secure in world Reply with quote

chris wrote:
... Linux bore the brunt of 80 percent of the overall attacks, followed by Microsoft Windows at 12 percent and BSD and Mac OS X at 3 percent,...

...The total number of successful attacks, according to mi2g, was 17,074, of which Linux accounted for 13,654, Windows 2,005, and BSD and Mac OS X 555. Looking strictly at successful attacks against government servers, Linux comprised 57 percent of those, followed by Windows at 35 percent and BSD and Mac OS X at 0 percent, which the company notes is a first for that category.



Now wait a minute. Does this study take into account that linux is by far most common os on servers, followed by Windows and I don't often hear about Mac servers. In this light, linux comprising 57 percent of succesful attacs compared to Windows 35% actually seems to indicate that linux is more secure.

However, back to original topic, my friend who is security professional recently started using Mac as his personal computer because it is, in his opinion (and this guy knows a lot), most secure. In fact, I'm planning to get me a new computer and Mac is one option I'm seriously considering...
Back to top
View user's profile Send private message
inittab
Just Arrived
Just Arrived


Joined: 17 Nov 2004
Posts: 0


Offline

PostPosted: Sat Nov 20, 2004 3:17 pm    Post subject: Reply with quote

I can't see how anyone can come up with these kinds of stats. Particulary since there are a total of only 4 or m_a_y_b_e 5 Mac OS X severs in the world. Wink
Back to top
View user's profile Send private message
0mega
Just Arrived
Just Arrived


Joined: 15 May 2004
Posts: 1
Location: In Front of My Computer

Offline

PostPosted: Sat Nov 20, 2004 9:11 pm    Post subject: Reply with quote

inittab wrote:
I can't see how anyone can come up with these kinds of stats. Particulary since there are a total of only 4 or m_a_y_b_e 5 Mac OS X severs in the world. Wink

That stat is kinda skewed! I see what you're saying, but we have more Mac servers just where I work than that! (I might mention that we are an authorized Apple repair center, and we don't do PCs, so that kinda sways us. Laughing )

Cheers,
0mega
Back to top
View user's profile Send private message Visit poster's website
xcfx
Just Arrived
Just Arrived


Joined: 19 Nov 2004
Posts: 0
Location: Puerto Rico

Offline

PostPosted: Thu Dec 23, 2004 12:54 am    Post subject: Reply with quote

And I can't see w_h_y it matters so much if there are running 5,000 servers or just 1.

You only need one server of each Operating System to perform a security test.

The security tests are performed on default software installations, that means without tweaking, without modifying, just running out of the box. -- And that's where OS X and BSD is general is superior over Linux.

Now, if you have one of the most secure out-of-the-box Operating System, and mix that with a good systems administrator, you have an ultra secure system.
Back to top
View user's profile Send private message
xcfx
Just Arrived
Just Arrived


Joined: 19 Nov 2004
Posts: 0
Location: Puerto Rico

Offline

PostPosted: Thu Dec 23, 2004 12:57 am    Post subject: Reply with quote

I forgot to mention, that I know a lot of people that might not run Mac OS X Server at all, but they run Darwin on their X86 servers. :p
Back to top
View user's profile Send private message
ryansutton
Trusted SF Member
Trusted SF Member


Joined: 25 Aug 2004
Posts: 67
Location: San Francisco, California

Offline

PostPosted: Thu Dec 23, 2004 1:52 am    Post subject: Reply with quote

I don't think I agree that "out of the box" security has anything to do with how a secure an OS is. The reason being is that everyone has different uses for a computer, which means I will secure my OS differently then you secure yours. What matters is potential for security, the only reason to be concerned with out of the box security is if you plan on doing nothing to tighten things up. If that is the case then why read this thread? Laughing
Back to top
View user's profile Send private message
xcfx
Just Arrived
Just Arrived


Joined: 19 Nov 2004
Posts: 0
Location: Puerto Rico

Offline

PostPosted: Fri Dec 24, 2004 12:13 am    Post subject: Reply with quote

ryansutton wrote:
I don't think I agree that "out of the box" security has anything to do with how a secure an OS is. The reason being is that everyone has different uses for a computer, which means I will secure my OS differently then you secure yours. What matters is potential for security, the only reason to be concerned with out of the box security is if you plan on doing nothing to tighten things up. If that is the case then why read this thread? Laughing


I agree, everyone has different uses for a computer -- in my opinion "potential for security" goes by hands with out of the box security. Let me explain my point, you and I have very different approaches on our systems, we will secure our systems on very different ways -- yet, we like the same Operating System... you may tweak some parts of it to make it more secure but I think it will be a bit doubtful that you will tweak the entier Operating Systems, not everyone has that amount of time or interest and thats when I think an out of the box system that is secure is very useful.

p.s. I'm lazy today, so, if you want a more elaborated tell me which part and i'll do it ;P
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Macintosh All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter