Posted by: Anonymous Coward
on January 28, 2003 05:12 AM
Since a Windows machine with all ports firewalled is just as "hardened" as a Linux machine with all ports firewalled, let's presume the relevant ports cannot be firewalled and must have a particular service running on them:
- In Linux (any UNIX, as far as I know), you can run that service in a chrooted environment. Even if a hacker somehow gets root access via that service, they will only be able to touch stuff in that chrooted environment. However, that would have done nothing to stop the recent SQL Slammer worm.
- You can use User-mode Linux, which is similar to a chrooted environment, but also protects against vulnerabilities in the kernel itself. You can only do what that particular instance of User-mode Linux (which is running on top of regular Linux) can do. Unfortunately, this probably would not have done anything to stop the SQL Slammer worm either.
Even though the above two methods won't completely stop people from attacking a particular service, they really do stop serious destructive damage from being done to other parts of the system, as long as they are set up intelligently.
Now I'm not a Windows expert by any means, so if there are similar mechanisms under Windows, please reply, and I'll never make this argument again.
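A sketch of what "set up intelligently" involves for a chrooted service, as an added example that is not part of the original post: enter the jail, then give up root irreversibly, because a process that keeps uid 0 inside a chroot can generally break out of it. The function names, the `/tmp` directory and the uid/gid 65534 are illustrative assumptions.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum { JAIL_OK = 0, JAIL_E_CHROOT = 1, JAIL_E_DROP = 2, JAIL_E_REGAIN = 3, JAIL_E_FORK = 4 };

/* Confine the calling process to `dir` and give up root for good. */
static int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    if (chroot(dir) != 0 || chdir("/") != 0)   /* chdir so the cwd is inside the jail */
        return JAIL_E_CHROOT;
    /* Order matters: supplementary groups, then gid, then uid. Once the uid
       is dropped the earlier calls would no longer be permitted. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return JAIL_E_DROP;
    /* Verify the drop is irreversible: regaining uid 0 must fail. */
    if (setuid(0) == 0 || getuid() == 0 || geteuid() == 0)
        return JAIL_E_REGAIN;
    return JAIL_OK;
}

/* Run the jail setup in a child so the caller itself is not confined.
   A real daemon would start serving requests where the child calls _exit(). */
int run_jailed(const char *dir, uid_t uid, gid_t gid)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return JAIL_E_FORK;
    if (pid == 0)
        _exit(enter_jail(dir, uid, gid));
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return JAIL_E_FORK;
    return WEXITSTATUS(status);
}

int main(void)
{
    /* Constructed sample values: an existing directory and the conventional "nobody" ids. */
    int rc = run_jailed("/tmp", 65534, 65534);
    printf("jail result: %d (0 = confined and unprivileged, 1 = chroot refused)\n", rc);
    return 0;
}
```

chroot(2) needs root, so an unprivileged run reports result 1; a production jail directory would be a dedicated, root-owned tree rather than `/tmp`.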
Re:Jay Beale's comments