“Last summer, Linux backers at several companies had some
explaining to do after hundreds of DNS servers running Version 5 of
Red Hat Inc.’s Red Hat Linux operating system were compromised by
hackers launching buffer overflow attacks. Taking advantage of a
known vulnerability, mischief makers took charge of those servers,
which maintain databases of domain names and their corresponding IP
addresses.”
“Although it was quickly determined that these servers were open
to attack because Linux had been installed using default
settings-something Red Hat advises against-the incident served to
reinforce the impression held by many top IT managers that, because
its source code is open and readily available, Linux is not as
secure as closed-source operating systems….”
“Some people see it as a trade-off when it comes to Linux,” said
Jimmy Alderson, an analyst with Atlanta-based Meta Security Group
Inc. “Because it’s open source, it’s easier to find places to
break in. But on the other hand, it’s that much easier to fix. You
can come up with a fix or count on thousands of other programmers
to come up with one.“