SiteReview.org: Unix’s poor Internet Security Reputation

[ Thanks to Nobody for this link. ]

“Unix derives its bad security reputation from four primary
sources: its rich variety of network services, the prominence of
wide-open academic institutions in Unix antiquity, the extensive
Unix documentation available, and, perhaps most important, the
traditional practice of shipping Unix with many services
automatically enabled by the installation process.”

“While many proprietary operating system vendors do rely heavily
on security through obscurity, Unix is well known and thoroughly
documented. Your local bookstore probably has books on Unix
internals and the intricacies of Unix networking. Further, a
typical modern Unix distribution may well install over 20,000 files
and more than 50 network services — before you add the first user
or web page. Most of the network services provided are unnecessary
at many sites and those that are required are sometimes improperly
configured, resulting in unintended exposure of sensitive files.
Finding and repairing these misconfigured and unneeded
services is one of the most important and neglected tasks involved
in securing a Unix Internet server.”

