Board logo

標題: 想問linux會不會安全過windows ? [打印本頁]

作者: 可口可樂    時間: 2010-3-31 22:33     標題: 想問linux會不會安全過windows ?

因為覺得windows好似好易比人入侵咁, 如果要來做d重要既野好似好危險
作者: Phil_123    時間: 2010-3-31 22:45

本帖最後由 Phil_123 於 2010-3-31 22:46 編輯

無 OS 係對傻仔免疫. 用 Linux 但又唔做好安全更新, 仲唔安全過 Windows.

Windows 其實係一個好安全既 OS, 當年 NT 時代帶黎既各種權限設定多過 *nix 系統多多聲, 只不過 Windows XP 為求兼容性, 預設俾 Administrator 權限既 account 人用, d 毒先會有咁大殺傷力. 要到 2006 年尾出既 Vista, 有 UAC, 開始要求用戶確認要求 admin 權限既行為, 先開始減低到傻仔對電腦安全既殺傷力.

Linux 方面, 因為跨世紀既預設慣例已經分明 standard user/root 權限, 要人做乜都用 standard user, 做管理先轉用 root, 當 standard user 層面瀨野中漏洞, 都唔會有 root 權限去搞事, 所以同 Windows XP 比, 現今各主流既 Linux distro 係比較安全.
作者: quintus    時間: 2010-3-31 22:56

另外就係一部份 Linux 分發版本 (尤其桌面版本) 預設開啟咗嘅 services 係非常少,相對地可以被外來攻擊嘅機會都少咗。Linux 亦被認為係比較少電腦病毒,因為現在大部份電腦病毒都係針對 Windows 系統。

不過都係嗰句,個系統係唔係安全,最主要都係睇管理同埋用佢嘅人。即如如果有人中意將放咗貴重嘢嘅夾萬打開門放到屋門口外,咁幾勁嘅夾萬都係無用。
作者: 可口可樂    時間: 2010-3-31 23:01

無 OS 係對傻仔免疫. 用 Linux 但又唔做好安全更新, 仲唔安全過 Windows.

Windows 其實係一個好安全既 OS, ...
Phil_123 發表於 2010-3-31 22:45



不該晒ching, 我仲有個問題, linux用firefoxy加ie插件來上d ie only既網(例如ebanking), 咁個ie插件係邊個放上去比人用? 同埋會不會有機會加埋只木馬係入面架 ? thx
作者: Phil_123    時間: 2010-3-31 23:33

不該晒ching, 我仲有個問題, linux用firefoxy加ie插件來上d ie only既網(例如ebanking), 咁個ie插件係邊 ...
可口可樂 發表於 2010-3-31 23:01
女人會唔會患前列腺炎?

IE Tab 只可以係 Windows 版 Firefox 度用, Linux 版係用唔到.
作者: 閒魂    時間: 2010-4-1 16:09

無 OS 係對傻仔免疫. 用 Linux 但又唔做好安全更新, 仲唔安全過 Windows.

Windows 其實係一個好安全既 OS, ...
Phil_123 發表於 2010-3-31 22:45


因為覺得windows好似好易比人入侵咁, 如果要來做d重要既野好似好危險 <-- Google 都說了,在 1-15 的攻擊都是利用Internet Explorer 瀏覽器的一個新漏洞,0 days。

用 Linux 但又唔做好安全更新, 仲唔安全過 Windows <-- NPOV

Windows 其實係一個好安全既 OS, 當年 NT 時代帶黎既各種權限設定多過 *nix 系統多多聲 <-- 設定多跟安全無直接關係
作者: icarus-c    時間: 2010-4-1 16:53

回復 4# 可口可樂

1. There is no Linux version of IE but you may get it from from ie4linux (based on WINE)
2. Windows program (including virus/worm/trojen) can not be executed without WINE. afaik, unless the malware is targetted for WINE on Unix platform, otherwise i don't think it would do any harm to your Linux system. but make sure you don't run WINE as root

Virus is pretty much impractical on  Linux platform because:
1. open source software updates VERY rapidly, bugs are fixed soon. (this can't help for 0-day though)
2. There are so many Linux distributions with different style of setup (redhat, debian, gentoo, lfs....etc) the virus would have to be smart enough to make it functional on a variety of distributions
3. use of user space applications varies for different machine, it is inefficient to carry attack from the attacker perspective (e.g imagine one could use GNOME, KDE. virus attacking GNOME wouldn't work on KDE)
4. not all users are using the same version of software even they are using the same software. (e.g. current fedora ships GNOME 2.28,  while there are still people using version 2.22, 2.24, 2.26 , 2.30...etc ) same reason as #3.

Note: i'm not meaning it is not possible to have virus on Linux platform.
Malware/Trojen is another story.
作者: samiux    時間: 2010-4-1 17:37

因為覺得windows好似好易比人入侵咁, 如果要來做d重要既野好似好危險
可口可樂 發表於 2010-3-31 22:33


Hi,

When someone told you that Linux is more safety than Windows system, don't believe them.  It is not very hard to get the right of root when the Linux system is running applications or services that has/have flaw(s).  I think no Linux system runs no application or service.  No software is flawless in my opinion.

Someone may not believed in the captioned message.  However, it is true and always true!

Samiux

P.S.  I am studying computing security, especially on Linux system, at the moment.
作者: Phil_123    時間: 2010-4-1 17:53

因為覺得windows好似好易比人入侵咁, 如果要來做d重要既野好似好危險
閒魂 發表於 2010-4-1 16:09
IE6 問題關 Windows 乜事? IE8 好安全呀.
作者: liangsuilong    時間: 2010-4-1 21:02

女人會唔會患前列腺炎?

IE Tab 只可以係 Windows 版 Firefox 度用, Linux 版係用唔到. ...
Phil_123 發表於 2010-3-31 23:33



哩個比喻夠惡搞。。。
作者: 可口可樂    時間: 2010-4-2 01:11

另外就係一部份 Linux 分發版本 (尤其桌面版本) 預設開啟咗嘅 services 係非常少,相對地可以被外來攻擊嘅 ...
quintus 發表於 2010-3-31 22:56


不該晒. 咁係不係姐係話d月簡單既os就月安全架 ? 好似google rhome os得個browser咁係不係咁多個os中佢最安全 ?
作者: 可口可樂    時間: 2010-4-2 01:14

女人會唔會患前列腺炎?

IE Tab 只可以係 Windows 版 Firefox 度用, Linux 版係用唔到. ...
Phil_123 發表於 2010-3-31 23:33


喎原來linux係不可以到ie tab架 咁如果有ie only既網頁味用不到囉:sleepy:
作者: 可口可樂    時間: 2010-4-2 01:16

因為覺得windows好似好易比人入侵咁, 如果要來做d重要既野好似好危險
閒魂 發表於 2010-4-1 16:09


除左ie會不會功擊其他架
作者: 可口可樂    時間: 2010-4-2 01:26

回復  可口可樂

1. There is no Linux version of IE but you may get it from from ie4linux (based on  ...
icarus-c 發表於 2010-4-1 16:53


不該晒ching咁詳細既解釋, 又學到好多野呢 睇來用電腦來做ebanking好似好危險
作者: 可口可樂    時間: 2010-4-2 01:28

哩個比喻夠惡搞。。。
liangsuilong 發表於 2010-4-1 21:02


小弟冇知失禮晒
作者: rockyw    時間: 2010-4-2 03:14

有時o的人話乜野windows癈, mac機, linux勁, 無甘易俾中毒, 俾人hack呢o的concept錯酉, 只係windows因為多人用, 多人研究先會逐個細微既漏洞都會俾人抄酉出黎, 就係因為甘反而windows係最多防範既一個OS黎, 反而其他好似mac OS甘, 係因為market share低, 大部份人對佢無興趣研究, 抄出黎既所謂漏洞先話比較少, 曾經有人比較過, 真係要hack既話mac機易hack過同快過windows吾知幾多倍, 因為無人搵o的漏洞出黎, 就無人就去補
作者: icarus-c    時間: 2010-4-2 08:08

回復 16# rockyw

Think about the below:
-你睇睇pwn2own linux既record
-好耐之前有條友好型咁係public mailing list度講話人有攻到佢個linux setup就比US$1000
-用得linux既都係大機構,(popular website, national defense, space facilities, banks, medical information system..etc) 照理打Linux仲有作為過Windows
-冇人搵Linux既漏洞? 你睇下bug tracker, mailing-list. 好多時呢d漏洞一publish幾個鐘至幾日內就fix左.
-做virus唔簡單, 要好熟個要attack既software. 試問在open source下咁熟一個software你會attack定contribute? (Windows/Mac OS X你冇得contribute)
-Linus' law: Given enough eyeballs, all bugs are shallow  (*note不過唔係個個open source project都有linux kernel咁高quality)
-漏洞多少不要緊, 因為一個就夠了


最後, 要知道大多數attack係針對user space application software (e.g. web browser, office suite.)  而Linux只係條kernel. 呢個post到底問緊 GNU/Linux vs Windows 定 Linux vs NT?
作者: icarus-c    時間: 2010-4-2 08:12

回復 14# 可口可樂

you better focus on network security. for example, using well encrypted wireless, avoid public LAN, make sure you go to the REAL bank website, use https ...etc
作者: yhfung    時間: 2010-4-2 10:31

提示: 作者被禁止或刪除 內容自動屏蔽
作者: 可口可樂    時間: 2010-4-2 14:15

回復  rockyw
最後, 要知道大多數attack係針對user space application software (e.g. web browser, office suite.)  而Linux只係條kernel. 呢個post到底問緊 GNU/Linux vs Windows 定 Linux vs NT?
icarus-c 發表於 2010-4-2 08:08


我係想問安全問題, 因為我真係比條pk入侵部電腦, 佢仲要不知丑咁0係人地面前大條道理咁凸顯佢有幾勁, 好黑人增. 平時我都幾乎日日用kis2010掃毒同埋up個windows同防毒, 點知都係比人入侵囉
作者: 可口可樂    時間: 2010-4-2 14:21

回復  可口可樂

you better focus on network security. for example, using well encrypted wireless, a ...
icarus-c 發表於 2010-4-2 08:12


謝謝你 上網其實真係幾危險
作者: 可口可樂    時間: 2010-4-2 14:24

重要和大系统谁会用MS Windows的产品呢?大部分都是用大公司的UNIX系统,如果小公司,可能采用MS Windows的 ...
yhfung 發表於 2010-4-2 10:31


匯豐提款機好似都係用windows架, 入到味發達
作者: yhfung    時間: 2010-4-2 14:59

提示: 作者被禁止或刪除 內容自動屏蔽
作者: GraphiteCube    時間: 2010-4-2 16:49

不如問下自己上網有無Download翻版Software裝, 有無Download不明來歷嘅E-mail attachment.

Linux安全又點, 你將root當普通User咁用, 咪一樣有機會中招.
作者: untvb    時間: 2010-4-2 17:39

我係想問安全問題, 因為我真係比條pk入侵部電腦, 佢仲要不知丑咁0係人地面前大條道理咁凸顯佢有幾勁, 好 ...
可口可樂 發表於 2010-4-2 14:15


你晌現實世界識佢 ?
咁佢有無掂過你部機先 ?
作者: samiux    時間: 2010-4-2 17:59

There may be someone still think that Linux is more safer than Windows.  Let's see this!  One of the cracker namely 1923Turk did on 2010-April-01.  He cracked a lot of Linux servers and Windows servers in one day.  Surprise?  Guys!
作者: rockyw    時間: 2010-4-2 19:02

There may be someone still think that Linux is more safer than Windows.  Let's see !  One of the cra ...
samiux 發表於 2010-4-2 17:59

現實版bloody monday 獵鷹?!!
作者: Phil_123    時間: 2010-4-2 19:56

本帖最後由 Phil_123 於 2010-4-2 20:03 編輯

其實依家好多攻你既方法都係跨平台... Phishing 陷阱你用乜 OS 都好, 你自己冇安全意識都會上釣
作者: samiux    時間: 2010-4-2 20:30

其實依家好多攻你既方法都係跨平台... Phishing 陷阱你用乜 OS 都好, 你自己冇安全意識都會上釣 ...
Phil_123 發表於 2010-4-2 19:56


Basically, they are not using "phishing" method to crack your servers.  They gain the rights of root or administrator of your server and crack it.  Methods will not discuss here, sorry!
作者: jeffreycheng    時間: 2010-4-3 00:01

提示: 作者被禁止或刪除 內容自動屏蔽
作者: Phil_123    時間: 2010-4-3 00:24

Basically, they are not using "phishing" method to crack your servers.  They gain the rights of ro ...
samiux 發表於 2010-4-2 20:30
I meant invasion of privacy.
作者: ttsssp    時間: 2010-4-3 08:26

我係想問安全問題, 因為我真係比條pk入侵部電腦, 佢仲要不知丑咁0係人地面前大條道理咁凸顯佢有幾勁, 好 ...
可口可樂 發表於 2010-4-2 14:15


Call the police if he say he did it.
I don't believe he had crack / hack you computer.
why do you trust he crack you pc?how do you prove it?Show us please!
作者: melodyayaka    時間: 2010-4-3 09:33

我係想問安全問題, 因為我真係比條pk入侵部電腦, 佢仲要不知丑咁0係人地面前大條道理咁凸顯佢有幾勁, 好 ...
可口可樂 發表於 2010-4-2 14:15


unplug the power and see what he can do ...
作者: icarus-c    時間: 2010-4-3 10:56

回復 33# melodyayaka

see what you can do to your own machine too
作者: 可口可樂    時間: 2010-4-3 20:45

你晌現實世界識佢 ?
咁佢有無掂過你部機先 ?
untvb 發表於 2010-4-2 17:39


係呀識佢, 係個"遠房親戚"
作者: 可口可樂    時間: 2010-4-3 20:53

本帖最後由 可口可樂 於 2010-4-3 20:54 編輯
Call the police if he say he did it.
I don't believe he had crack / hack you computer.
why do you  ...
ttsssp 發表於 2010-4-3 08:26


佢來過我屋企, 用過我部電腦, 又restar我部電腦又叫我再login比佢再用(我係用限制賬戶比佢用的), 之後仲問我知不知咩叫LC4, 咁佢走左之後去gogle囉, 先知原來係破密碼既軟件我以後都不再相信呢條pk
作者: 可口可樂    時間: 2010-4-3 21:04

本帖最後由 可口可樂 於 2010-4-3 21:07 編輯
unplug the power and see what he can do ...
melodyayaka 發表於 2010-4-3 09:33


我諗起個笑話關於電腦使用者與黑客的對話: --
使用者: hi, 黑客你又來啦
黑客  : 是呀, 你好
使用者: 你很利害喎來去自如
黑客  : 怎樣, 現在你服了沒
使用者: 我也會黑呀, 按一下開關鈕就ok了
黑客  : 886


作者: 可口可樂    時間: 2010-4-3 21:06

回復  melodyayaka

see what you can do to your own machine too
icarus-c 發表於 2010-4-3 10:56


淨係上網, 其他重要野不敢做
作者: ttsssp    時間: 2010-4-3 21:52

佢來過我屋企, 用過我部電腦, 又restar我部電腦又叫我再login比佢再用(我係用限制賬戶比佢用的), 之後仲 ...
可口可樂 發表於 2010-4-3 20:53



    即係咁
你打開部電腦,任佢用(仲要再login又乜)
同你打開個夾萬放佢面前叫佢參觀任拎無分別
唔係佢hack/crack勁,你俾你部腦我,我用一陣都應該搵得到你d 甜片放邊
作者: jeffreycheng    時間: 2010-4-4 03:23

提示: 作者被禁止或刪除 內容自動屏蔽
作者: icarus-c    時間: 2010-4-4 08:35

回復 36# 可口可樂

LC4唔知咩黎....  我用開ophcrack
準備隻linux live USB, 裝個ophcrack (最好有位放埋rainbow table..)
上佢屋企報仇, 你話屋企部唔知比邊條PK crack左, 借佢電腦download番d drivers裝Windows B-)
跟住.......................
作者: untvb    時間: 2010-4-4 11:11

部機本身都唔安全, 講咩 OS 都無用啦...
作者: rockyw    時間: 2010-4-4 12:59

甜片 ... 哈哈 ....

讚成 e 位 c 兄的說法 ...

比 d it 人裝個 keyloger ... 唔洗 admin right 都得 g ...
jeffreycheng 發表於 2010-4-4 03:23

一隻sysrecuse CD已經改到admin password...
作者: 可口可樂    時間: 2010-4-5 16:16

回復  可口可樂

LC4唔知咩黎....  我用開ophcrack
準備隻linux live USB, 裝個ophcrack (最好有位放埋rai ...
icarus-c 發表於 2010-4-4 08:35


收到........
作者: 可口可樂    時間: 2010-4-5 16:18

甜片 ... 哈哈 ....

讚成 e 位 c 兄的說法 ...

比 d it 人裝個 keyloger ... 唔洗 admin right 都得 g ...
jeffreycheng 發表於 2010-4-4 03:23


藝術片又或者係愛情動作片
作者: muteki    時間: 2010-4-6 17:07

回復 29# samiux

Few well known kernel/remote exploits have been around for a long time as well as their patches.  I suspect those Linux admins are not doing their jobs properly.
作者: samiux    時間: 2010-4-6 19:43

本帖最後由 samiux 於 2010-4-6 19:47 編輯
回復  samiux

Few well known kernel/remote exploits have been around for a long time as well as the ...
muteki 發表於 2010-4-6 17:07


Without the kernel remote exploits, crackers can get your rights of root very easy too.  

May be the sysadmins not update their servers but kernel remote exploits is not the only way to get the rights of root.
作者: muteki    時間: 2010-4-7 04:01

Without the kernel remote exploits, crackers can get your rights of root very easy too.  

May be  ...
samiux 發表於 2010-4-6 19:43


My point is, lots of exploits (e.g. several drivers stack overflow, vmsplice... etc.) were discovered and fixes within matter of days.  As long as the admins doing their homework and subscribe to the right mailing lists, lots of these issues could be mitigated.
作者: samiux    時間: 2010-4-7 21:28

My point is, lots of exploits (e.g. several drivers stack overflow, vmsplice... etc.) were discove ...
muteki 發表於 2010-4-7 04:01



May be or may be not.  Believe or not believe.  Just depends on you.





歡迎光臨 電腦領域 HKEPC Hardware (https://h1.hkepc.com/forum/) Powered by Discuz! 7.2