Wednesday, March 05, 2008

UNIX/Linux as a poor vulnerability target

UNIX has some characteristics that make it less attractive for security attacks

UNIX is still used primarily on a variety of different platforms.
This use makes the average UNIX user more knowledgeable about the operating system and security.

There are many scripting techniques in UNIX.
Unlike in Windows, scripting is not integrated into applications (such as Outlook and Word).

In UNIX, scripts can be integrated into applications such as mail and word processing, but this is not _the default configuration_.

This makes UNIX much less vulnerable than a Windows system that is running Outlook and commonly allows users to run Visual Basic scripts.

Also, the inability of an ordinary user to alter an executable is a severe restriction on viruses and worms that depend on users to propagate.

On the other hand, physical security in Unix is in some ways well controlled (monitoring hardware changes):
A software tool library like kudzu detects and configures new and/or changed hardware on a Red Hat Linux system, and it has since been ported to other distros.

What's notable is that it detects the current hardware and checks it against a database stored in /etc/sysconfig/hwconf, which means it can act as an eye on the system hardware, monitoring any changes.
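The comparison described above can be reproduced for monitoring purposes by diffing a saved copy of the hardware database against a later one. The following is an added example, not kudzu's own code: it assumes the hwconf layout of records that each begin with a line containing only `-` followed by `key: value` lines, and the two inventories are constructed sample data.

```python
from collections import Counter

# Constructed sample inventories (not taken from a real machine).
BASELINE = '''-
class: OTHER
bus: PCI
desc: "Example Corp.|Host bridge"
vendorId: 1111
deviceId: 0001
-
class: NETWORK
bus: PCI
desc: "Example Corp.|Ethernet Controller"
vendorId: 1111
deviceId: 0002
'''
CURRENT = BASELINE + '''-
class: OTHER
bus: USB
desc: "Constructed Vendor|Mass Storage Device"
vendorId: 2222
deviceId: 0001
'''

def parse_hwconf(text):
    """Parse hwconf-style text (assumed layout) into a list of dicts."""
    devices = []
    for line in map(str.strip, text.splitlines()):
        if line == "-":                      # a lone dash starts a new record
            devices.append({})
        elif devices and ":" in line:        # split on the first colon only
            key, _, value = line.partition(":")
            devices[-1][key.strip()] = value.strip().strip('"')
    return [d for d in devices if d]

def inventory(text):
    """Count devices by identity so two identical devices are not merged."""
    fields = ("bus", "class", "vendorId", "deviceId", "desc")
    return Counter(tuple(d.get(f, "") for f in fields) for d in parse_hwconf(text))

def diff_hardware(baseline_text, current_text):
    """Return (added, removed) device tuples between two inventories."""
    base, cur = inventory(baseline_text), inventory(current_text)
    return sorted((cur - base).elements()), sorted((base - cur).elements())

if __name__ == "__main__":
    added, removed = diff_hardware(BASELINE, CURRENT)
    for dev in added: print("ADDED  ", dev)
    for dev in removed: print("REMOVED", dev)
```

For real use, the baseline would be a copy of /etc/sysconfig/hwconf stored somewhere the monitored host cannot overwrite, so that an unexpected "ADDED" or "REMOVED" entry can be trusted as a sign of a hardware change.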

Another piece in Unix is its partitioning of disks and file systems, which can be a physical security issue.

File systems, such as ext3 in Linux, use journaling to make the recovery of damaged file systems more reliable.

Journaling provides for a fast file system restart in the event of a system crash. Using database techniques, journaling can restore a file system in a matter of minutes, or even seconds.

Not finished yet....
