NewsForge: Bastille's Beale: How to Avoid Security Problems, Linux vs. Windows Security

"We went to Jay Beale with our questions about the current state of Linux security. He's a security consultant specializing in host lockdown, network security and security audits. Jay also serves as lead developer of the Bastille project, which creates a hardening script for Linux and HP-UX, is a member of the Honeynet Project, and is a core participant in the Center for Internet Security...

"Linux.com: It seems as if malicious hackers are targeting Linux more lately, perhaps because of its growing popularity. Recently, there have been reports of the Slapper and Mighty worms. Do you see that trend?

"Beale: I really don't see that kind of trend here. Most of the vulnerability hunting that gets done isn't really this targeted. It's much more opportunistic. People found some juicy vulnerabilities in Apache and wrote exploits. A little later, people start writing worms to automate the process. This happens often enough. Honestly, I feel safer on Linux partly because worms are such a rare occurrence, compared to the Windows world, which has to spend so much time fighting each and every one. So far, we've been a lot safer on Linux..."

Complete Story

Related Stories:

• Linux Journal: Hacking Vegas at Black Hat and DEF CON: One Geek's Experience (Jul 29, 2001)
• LinuxPR: Bastille Linux Release Version 1.2(Jun 15, 2001)
• LinuxPlanet: Jay Beale: Education Is Primary Defense for Secure Machines(Feb 16, 2001)
• LinuxPlanet: Protecting Your Linux System with FireStarter and Storm Firewall(Dec 01, 2000)