Is there any study that shows that NetBSD is one tough nut to crack?   -Mike


   Linux fights off hackers

   Open source no easy pickings
   Iain Thomson, vnunet.com 17 Jan 2005
   <http://www.vnunet.com/news/1160588>

   Linux systems are getting tougher for hackers to crack, security experts have
   reported today.

   A study by not-for-profit IT security testing organisation Honeynet Project
   (for study see: <http://project.honeynet.org/papers/trends/life-linux.pdf>) has
   shown that, on average, Linux systems today take three months to fall prey to
   hackers, up from 72 hours in equivalent tests conducted between 2001 and 2002.

   The 2004 results came after a team of researchers set up 19 Linux and four
   Solaris 'honeypots' in eight countries including the UK. Honeypots are
   unpatched internet-connected computers designed to be targets for hackers.

   "Default installations of Linux distributions are getting harder to
   compromise," said the report.

   "New versions are more secure by default, with fewer services automatically
   enabled, privileged separation in services such as OpenSSH, host-based
   firewalls filtering inbound connections, stack protection for common threats
   and other security mechanisms."

   During the tests only four Linux honeypots were compromised (three running Red
   Hat 7.3 and one with Red Hat 9). Two of those systems were broken by brute
   force password attacks rather than by operating system vulnerabilities.

   By contrast unpatched Windows systems exposed in a similar way in tests last
   year by Symantec lasted a few hours, or in some cases minutes.

   But there was bad news for Solaris users, with three out of the four honeypots
   running Solaris 8 or 9 hacked within three weeks. However, a fourth has been
   online for six months without being compromised.