Default installations of Linux getting harder to compromise
Default installations of Linux getting harder to compromise

Linux fights off hackers

Open source no easy pickings
Iain Thomson, 17 Jan 2005

Linux systems are getting tougher for hackers to crack, security experts have reported today.

A study by not-for-profit IT security testing organisation Honeynet Project has shown that, on average, Linux systems today take three months to fall prey to hackers, up from 72 hours in equivalent tests conducted between 2001 and 2002.

The 2004 results came after a team of researchers set up 19 Linux and four Solaris 'honeypots' in eight countries including the UK. Honeypots are unpatched internet-connected computers designed to be targets for hackers.

"Default installations of Linux distributions are getting harder to compromise," said the report.

"New versions are more secure by default, with fewer services automatically enabled, privileged separation in services such as OpenSSH, host-based firewalls filtering inbound connections, stack protection for common threats and other security mechanisms."

During the tests only four Linux honeypots were compromised (three running Red Hat 7.3 and one with Red Hat 9). Two of those systems were broken by brute force password attacks rather than by operating system vulnerabilities.

By contrast unpatched Windows systems exposed in a similar way in tests last year by Symantec lasted a few hours, or in some cases minutes.

But there was bad news for Solaris users, with three out of the four honeypots running Solaris 8 or 9 hacked within three weeks. However, a fourth has been online for six months without being compromised.