I didn't buy a Centrino willingly, I worked on the P4 - Bob Colwell, former chief architect, Intel
|
|
|
Advertisement
Subscribe to INQ newsletters
Advertisement
INQ Poll
If Windows and OSX are bug-ridden proprietary systems, we could safely state that Linux is a bug-ridden open-source system.
I don't know how the hell having a public source code would make its sysadmins less cautious.
That's just against common-sense.
Ever heard of port knocking? Look it up and use it you lazy bastards.
Also, a handy PAM module that will track connect attempts and block/log failures from particular IPs:
http://www.hexten.net/wiki/index.php/Pam_abl
Noticed this in april. Easy fix is to change the port ssh listens on. Next thing to do would be to add a few lines to your iptables to drop any packets from any host that requests a connection unsuccessfully on any port greater than 5 for 2 minutes or more.
Ive said this numerous times that any OS is only as secure as the admin who configures and MAINTAINS it. There is no set it and forget it OS. Be it Windows, Linux, or Unix all require doing additional work to lock down and open appropriate ports, accounts/access, applications, surrounding equipment, physical access, Patch Management, and services/daemons that are running on the boxes to name just a few.
None are actually superior however some are inferior that rely on security through obscurity (Apple). Windows makes it easier but most admins are Lazy if not competent enough. There is a lot of Lazy and Useless in the IT world. Paper MCSE's and Agencies please stop requesting MCSE certification because the exams answers are floating around on the web or being passed around via sneakernet. I cant even bother with certification any more. I have known MCSE's who dont even own a computer.
That you can't fix stupid.
Of course, anyone who has their root account enabled for login over the Internet don't have a clue on System Administration either. No reason to have root accessible. Or run SSH on port 22. Or allowing password-based authentication at all. Or, with the availability of OpenVPN, having SSH be Internet facing altogether.
its just having worked with MS for so long you forget it can be worth it.