[ISN] Linux fights off hackers

InfoSec News isn at c4i.org
Tue Jan 18 06:38:00 EST 2005


Iain Thomson
17 Jan 2005

Linux systems are getting tougher for hackers to crack, security
experts have reported today.

A study by not-for-profit IT security testing organisation Honeynet
Project [1] has shown that, on average, Linux systems today take three
months to fall prey to hackers, up from 72 hours in equivalent tests
conducted between 2001 and 2002.

The 2004 results came after a team of researchers set up 19 Linux and
four Solaris 'honeypots' in eight countries including the UK.  
Honeypots are unpatched internet-connected computers designed to be
targets for hackers.

"Default installations of Linux distributions are getting harder to
compromise," said the report.

"New versions are more secure by default, with fewer services
automatically enabled, privileged separation in services such as
OpenSSH, host-based firewalls filtering inbound connections, stack
protection for common threats and other security mechanisms."

During the tests only four Linux honeypots were compromised (three
running Red Hat 7.3 and one with Red Hat 9). Two of those systems were
broken by brute force password attacks rather than by operating system

By contrast unpatched Windows systems exposed in a similar way in
tests last year by Symantec lasted a few hours, or in some cases

But there was bad news for Solaris users, with three out of the four
honeypots running Solaris 8 or 9 hacked within three weeks. However, a
fourth has been online for six months without being compromised.

[1] http://project.honeynet.org/

More information about the ISN mailing list