Anti-virus products are rubbish, says Imperva
A study released in December by US security outfit Imperva has tipped a bucket on the multi-billion-dollar anti-virus industry, claiming that initial detection rates are as low as five percent, and concluding that enterprise and consumer anti-virus spend “is not proportional to its effectiveness”. Working in conjunction with …
Re: ...spend “is not proportional to its effectiveness”
Again, not true. Try to run varied enterprise systems on Linux and you will require far more resource than to do the same on Windows. For instance, have you tried to use the build and automation tools like Chef? It's a poor joke compared to the automation available from Microsoft...
Re: ...spend “is not proportional to its effectiveness”
OpenBSD is a reasonable answer - it has a relatively low vulnerability count
Linux isn't - it is much worse for vulnerabilities than Windows - and is a hacker's dream on the internet...
Re: IMPERVA'S PRODUCTS ARE RUBBISH
How would someone prove a server crashed? Sounds too believable and specific to be made up imo....
Re: ...spend “is not proportional to its effectiveness”
Oh yeah. I took this approach for a while, and it worked too.
Up until about 2006, that is. Around that time, viruses started getting spread by images in websites and other novel routes. You'll also notice that this was about the time when dual-core CPUs basically became *necessary* so that one CPU could do near-constant virus scanning, while the other did useful stuff.
We live in a world now where "avoid scummy e-mail and websites" isn't enough protection. And I say this from my Linux workstation.
Re: ...spend “is not proportional to its effectiveness”
Actually, I have solved that problem with a deployment of 7000 workstations and 7 IT staff. All Linux, and the users vary from Graphic Design to accountadroid 2.0.
Our average salary is 115K in SoCal, which isn't a lot.
It really is a matter of hiring and training the right folks. My previous employ was as a security guy at a Fortune 5 company. They had massive issues with non-standard deployments and configuration. They tried to solve the problem with more bureaucracy. They used the industry average of 10-15 firewalls per admin. When I left, we fired all of their staff after I hired competent folks who could script and template changes. They now average 70 firewalls per person, and have failed on zero audit points. To be good requires competence, to suck is to hide behind a vendor. That same security group reduced their operating costs by 5 million USD per year by biting the bullet and paying hardcore geeks what they were worth, and thus needing fewer geeks to get the job done.
Re: ...spend “is not proportional to its effectiveness”
That is rubbish.
Securing a system, any system, is based on the skill of the administrator and the policies of the org. Any statistical hypist can pull numbers out of their arses, but what it comes down to is: do you have the ability to secure in terms of skill, and are you allowed to?
The following is not directly aimed at you, but in general: I wish people would stop basing enterprise situations on home/SOHO situations; they are totally different in terms of security and costs.
Re: ...spend “is not proportional to its effectiveness”
"I remind you that the first and worst internet worm ever was on UNIX based systems.."
I remind you that that was 1988 ( that's NINETEEN EIGHTY-EIGHT ) and probably the majority of connected computers were running UNIX
Re: ...spend “is not proportional to its effectiveness”
"There are lots of people with legacy unix skills floating around looking for a job, whereas Windows is much newer...."
Let's see Windows 3 ~1990 - gives 22 years for a few to be trained.
This is so laughable ! It's nearly as funny as the idea that you are responsible for hiring staff - or do you work at McDonalds ?
Re: ...spend “is not proportional to its effectiveness”
Not only that; but the number of times I've seen a word processor document laid out using spaces for formatting, or caught someone using a calculator to add up figures and enter the total into a spreadsheet, suggests that people don't even really learn how to use the software they're given.
As for spreadsheets used as databases; well, I lost count of the number of times I've seen that a long time ago. For crying out loud, people, you can't do a SELECT on a spreadsheet! (Well, you can use awk or grep -- or whatever the equivalent commands are called in Windows -- on a CSV file; but it's hardly the same thing.)
It's rather like not putting petrol in a chainsaw, and then struggling to use it as a handsaw -- but nonetheless thinking that that is the proper way to do forestry management.
Re: ...spend “is not proportional to its effectiveness”
You can use both awk and grep on Windows - UnxUtils
Re: ...spend “is not proportional to its effectiveness”
> do you, or have you worked in a school environment?
Yes.
All of the problems mentioned earlier in the thread are actually pretty easy to solve. Unfortunately, you need buy-in from people who frequently just don't want to rock the boat, and won't OK the change even if you can prove it to be effective.
There is but one technical problem I could not solve - SIMS. That could not work with FOSS last time I looked (and I doubt it's changed...)
Vic.
Re: ...spend “is not proportional to its effectiveness”
> 1. Will offer 24 hour phone support.
I can do that.
> 2. Will offer 24 hour remote support.
I can do that.
> 3. Offer full SLA terms to the customer at the customers discretion.
I can do that.
> 4. Will be on-site within 2 hours of call out.
I can do that.
> 5. Offer 24 hour on-site support.
I can do that.
> 6. Must have a smile on their face at all times.
I can do that.
> 7. Must do this for no charge to the customer whatsoever (tea and biscuits provided at customers discretion)
But not that. And nor will you get it for any proprietary software either.
The thing with FOSS is that you get to choose the level of support you want. You want it free? It's there. You want it with an SLA? It's also there. But expecting someone to do a full-time job for you for no money is just silly.
Vic.
Re: ...spend “is not proportional to its effectiveness”
> when using Linux in business or schools the OS will still be paid for and money will "leave the country".
This is incorrect.
The OS is available at zero cost. The charge in such an environment is for the support contract - and that can easily be provided by UK companies.
> I'm unaware of any major Linux company bringing any cash into the UK
Well, I don't know about "major", but I bring in cash from abroad. Almost all my work at the moment is for one of two large foreign players.
Vic.
Re: ...spend “is not proportional to its effectiveness”
If your "freeware AV software" is AVG Free, you got EXACTLY what you paid for. I'm SICK and TIRED of removing viruses from infected computers that are running AVG Free...
Re: ...spend “is not proportional to its effectiveness”
It's a top down approach. The majority of the kids being taught are all too stupid to actually learn something from using LINUX and in fact they will just find it confusing when they get into the real world and their bosses - assuming they don't just end up working McJobs - want them to use MS Office, which incidentally rightly or wrongly is what the majority of the world uses.
You have to appreciate that even the well educated go out and buy Apple products ... hence it's safe to assume that the majority of people have no interest in learning about 'computers'.
So if you want the schools to teach Linux and LibreOffice, you've got to get it on the desktops of big business first.
Plus you got no idea how long the distribution...
you happen to pick will be supported. Although the Linux kernel has been long lived, just how long is that going to hold? Even a highly paid Linux/Unix administrator may face the horror of having to upend the whole system, if an old favorite is dropped - and the new wave considered.
Re: ...spend “is not proportional to its effectiveness”
So how do you deal with Microsoft Office documents? How do your 'accountadroids' run standard commercial ERP tools that use Excel addins? Or you just accept that you can't work the way that 99% of companies do and will have all sorts of issues with Google docs, Libre office or whatever else you use? How does that integrate into your unified comms, email, voicemail, etc? What about BES? What about the 99% of other desktop corporate software that is aimed at windows?
And 70 firewalls per person with 7 IT staff?! Across 7000 users? Sounds like you have a big architecture problem...
And regardless of how good your infrastructure is, it would take more than 7 IT staff just to provide a basic helpdesk service to 7000 users - even if they only had dumb terminals, so I smell BS here....
Re: ...spend “is not proportional to its effectiveness”
You want to be looking from NT 3.5, which was the architectural version of Windows that we really have now (i.e. hybrid microkernel) - so that would be from 1994 = 18 years.
UNIX dates publicly from 1971. So over 40 years - bit of a difference!
Re: ...spend “is not proportional to its effectiveness”
"people that tell me they do not need anti-virus get one question from me: "how do you prove that?""
The same way that you prove that your anti-virus actually works.
The whole thing is a vast money making scam.
I wouldn't be surprised if these large companies covertly pay people in Outer Mongolia to create viruses and malware to keep the gravy train going.
I have never paid for AV and follow simple rules.
1 - Avoid warez, porn and dodgy gaming sites
2 - Look for free alternatives. I have been running MSE and Spybot S&D for ages and only the odd bit of malware is ever found.
3 - NEVER open an attachment you do not trust or know where it's come from.
If you browse dodgy sites then by all means pay to block shit out, but if you are avoiding all the usual places then there's no need to pay at all.
I've had warnings from avast about malware embedded in advertising links on reputable sites many times. It's not only 'bad' places that can become infected.
@DJ
Agreed.
Even worse; sometimes the virus scanner can be an even bigger problem than the threat it's supposed to stop. When I started doing more company stuff on my PC (self employed) I decided that since I liked Avast up to that point that I should simply show some support and apply for a one year subscription.
And then it started; they introduced their "Internet security suite" and I got a free upgrade. It could scan my e-mail, web traffic, the system itself and all through separate engines. So far, so good. Since I don't use torrents / peer to peer stuff on this PC I could turn that down, messenger and such; same deal.
However; I soon started noticing that whenever I did a global update on some in-house software (which basically opens 20 - 30 simultaneous network connections for a moment and passes a few kB of data) then my PC would freeze. Completely. Only after a while would it become responsive again.
You'll never guess what it was; Avast. And not even because it thought that I had some sort of virus; because their firewall was plain out crapware: it simply couldn't cope with a simultaneous 30 peer data stream, instead it sucked up all the resources it needed to cope.
Right now I use MS Security Essentials, the PC gets a full scan once a week and that's the end of it.
Re: @DJ
Time and time again it's proven that any anti-virus software is better than none at all, but paid-for security outperforms free in every case. Strangely a recent anti-virus software test in a leading UK PC magazine found Microsoft Essentials at the bottom of the pack. Other tests in other magazines confirm this.
Re: @DJ
Ok, wow, so it seems the evidence is overwhelming. And you present it so well. Thank you.
Hmmmmm....
Although I admire your common sense stardust (yes, a thumbs up will be on its way), unfortunately lots of people choose not to follow it. The amount of student laptops I saw whilst working at a school in my first proper IT job came in with a whole host of viruses, malware and spyware. The other issue was netbooks being too slow to even host Windows XP/7, which caused AV that was planted on there by recommendation of "PC World" to make them extremely sluggish. We're also still at a stage where parents of primary/secondary school kids are still out of touch with computers and cannot educate their children on how to use the internet properly. Just pure carelessness because there's a lack of understanding of what's out there on the web. And the kids in the know always encouraged torrents and illegal downloads with other students who weren't in the know.
This comes back to the education system in the UK being clueless and refusing to update the syllabus to teach these sort of common sense skills (along with word processing, spreadsheets and other stuff businesses want). So how on earth will our future generations know what a good site and bad site is? AV vendors will keep winning easy money until people are properly educated about common sense IT skills and the web in general.
Re: @DJ
@AC Re. recent AV tests and MSE
I've found it quite interesting that for quite some time MSE always tested really well and was always recommended.
However, now that it's been reconfigured into Windows 8 as Defender as standard (which basically means you don't have to buy Kaspersky/Norton/McAfee etc. etc. anymore), we are getting a raft of 'independent' reports stating it's not very good.
Coincidence?
It works if the virus is known about; if it's new then it's not going to get detected. The virus scanners look for specific patterns in files rather than recognising bad behaviour.
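The comment above describes signature-based detection. The following is an added example, not code from the page or any AV product, that models a signature scanner in a simplified way: a database of exact-hash signatures plus byte-pattern signatures, run over constructed byte strings standing in for files (the "samples" and signature names are made up for the demonstration). It shows why a known sample is caught, a slightly altered variant is caught only by the looser pattern signature, and a genuinely new sample is caught by neither, which is the detection gap the comment refers to.

```python
import hashlib
import re

# Constructed sample "files" (plain byte strings, not real malware).
KNOWN_SAMPLE = b"MZ\x90\x00constructed-marker-v1 loader" + b"\x00" * 16
VARIANT_SAMPLE = KNOWN_SAMPLE.replace(b"v1", b"v2")  # only two bytes differ
NOVEL_SAMPLE = b"MZ\x90\x00completely different loader" + b"\x00" * 16
BENIGN_SAMPLE = b"MZ\x90\x00hello world installer" + b"\x00" * 16

# Simplified signature database (names are placeholders):
#  - hash signatures match one exact file; any change to the file defeats them
#  - pattern signatures match a byte pattern that a family tends to share
HASH_SIGNATURES = {
    hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Trojan.Constructed.A",
}
PATTERN_SIGNATURES = {
    "Trojan.Constructed.Gen": re.compile(rb"constructed-marker-v\d"),
}


def scan(data):
    """Return the names of all signatures that match the given file content."""
    hits = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        hits.append(HASH_SIGNATURES[digest])
    for name, pattern in PATTERN_SIGNATURES.items():
        if pattern.search(data):
            hits.append(name)
    return hits


def scan_report(samples):
    """Scan a dict of name -> bytes and return name -> list of matched signatures."""
    return {name: scan(data) for name, data in samples.items()}


if __name__ == "__main__":
    report = scan_report({
        "known": KNOWN_SAMPLE,
        "variant": VARIANT_SAMPLE,
        "novel": NOVEL_SAMPLE,
        "benign": BENIGN_SAMPLE,
    })
    for name, hits in report.items():
        print(f"{name:8s} -> {hits or 'clean'}")
```

The pattern signature buys some tolerance to small changes, but it still only finds what someone has already seen and written a rule for; the "novel" sample is invisible to both signature types until a rule for it is published, which is the window the Imperva study's initial detection rate measures.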
AV can have disastrous consequences
There have been events whereby an AV update has caused hundreds of thousands of machines to be trashed, when the AV began mucking about with the operating system's legitimate files.
The AV can do more harm than the viruses. If an AV wrecks your computer then is it a friend or a foe? It's a small risk but it's still a risk.
The reality is all too real
However there are some, such as boot sector infections which stem from simple injections, which were made for Linux and Mac OS X and also Android etc?
So usually knowing how to configure the antivirus/security package (given there's a difference) and also how to configure / deploy the network and application infrastructures with it, usually works best, given that not even Unix is 'invincible'?
To think that Windows is the only vulnerable system is naive, in this Universal Plug and Play world!
It's clear to see the "report" heavily promotes McAfee as 'the most robust' --- pfft, okay! whatever you say lol
Re: The reality is all too real
To think that Windows is the only vulnerable system is naive, in this Universal Plug and Play world!
You might well be totally correct. I'm always into learning. Since I have a box here where it wouldn't matter, would you be so kind as to post a link that I could click on with a NIX system and get a virus? That would really help me learn about this situation and I'd really appreciate it. Thanks.
Re: The reality is all too real
Web site to root a UNIX based system just by visiting a URL - here you go:
http://www.jailbreakme.com/
Here is another:
http://unrevoked.com/
Re: The reality is all too real
@RICHTO any system can be "jailbroken" unless some horror like secure boot prevents that from happening.
It so happens that it's much easier to do this to Windows *REMOTELY* - that's called a remote exploit.
Re: The reality is all too real
http://www.theregister.co.uk/2012/11/21/powerful_linux_rootkit/
That doesn't look too friendly.
Re: Web site to root a UNIX based system just by visiting a URL
Well they didn't "root" my system just by visiting those URLs. Back under your bridge TROLL
Re: That doesn't look too friendly.
If you actually read the comments of that link you would see that it is not something that would touch 99.9% of users, and to get affected by it you'd have to be incredibly stupid. Not on a par with the standard Windows vulns
Re: Web site to root a UNIX based system just by visiting a URL
Well they didn't "root" my system just by visiting those URLs. Back under your bridge TROLL
And you would know this how? :)
Re: The reality is all too real @Danny 14
Read and comprehend the article you point to.
It is talking about what the rootkit does once it is installed, and you are right, it does look quite sophisticated, and unpleasant.
But there is nothing in the article about how the rootkit gets onto the server, and this is where the strength of the OS security model comes into play.
As long as an OS has some privileged mode that allows the OS to be changed, it can be compromised. This is true about all currently deployed OSs around at the moment, and is necessary in order to be able to install patches. If you look at it from another angle, there is little difference between a rootkit and an OS patch, apart from the fact that one is supposed to improve the system, and the other is not.
If you were to look at compromised Linux systems, and work out how they were compromised, I'm certain that most of them will have been initially infected as a result of a human error rather than a deficiency in OS security. You know, something like an administrator using the same password or SSH key for multiple accounts, or having trusts set up from untrusted to trusted systems. And I also think that I am on safe ground in saying that if you were to look at the ratio of compromised systems to total number of systems of a certain type, Windows would show as having a higher rate of infection than Linux.
It is true that Windows AV solutions are able to detect rootkits and other persistent infections once they are present, but this article is talking about zero day detection rates. I would much prefer to use a system that is less vulnerable but which had poorer detection tools, than one that let malware in but detected most of it sometime after the infection.
It should be seen as axiomatic that AV software is a market that only exists because of poor OS security in the past. There is no market for Linux or OSX AV because there is no history of significant infections on those platforms. If there were, there would be credible AV solutions for them.
What the AV software vendors have to accept is that in an ideal world, their comfortable little niche should disappear as OS security gets tighter. This is currently why they need to spread FUD in order to protect their income stream, and the tone of some of the comments here adds to this.
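The post above names one concrete administrator error, the same SSH key authorised for several accounts, as a more likely initial foothold than an OS flaw. This added example, not from the page or any project, is the audit check a defender would want for that: it parses authorized_keys contents collected from several accounts (constructed here as inline placeholders; the host names, user names and key material are made up, and the blobs are base64 of dummy bytes rather than real SSH wire-format keys), computes the ssh-keygen-style SHA256 fingerprint of each key, and reports every fingerprint trusted by more than one account.

```python
import base64
import hashlib
from collections import defaultdict


def key_blob(label):
    """Placeholder key blob: real blobs are the SSH wire encoding of the public key."""
    return base64.b64encode(f"constructed key material {label}".encode()).decode()


# Constructed "host:user" -> authorized_keys lines. Alice's key is trusted by
# three accounts, including root on web01 and the database account on db01.
AUTHORIZED_KEYS = {
    "web01:deploy": [
        f"ssh-ed25519 {key_blob('alice')} alice@laptop",
        f"ssh-ed25519 {key_blob('bob')} bob@laptop",
    ],
    "web01:root": [
        f'command="/usr/local/bin/backup" ssh-ed25519 {key_blob("alice")} alice@laptop',
    ],
    "db01:postgres": [
        "# constructed comment line",
        "",
        f"ssh-ed25519 {key_blob('alice')} alice@laptop",
        f"ssh-rsa {key_blob('ci')} ci@build",
    ],
}

KEY_TYPES = (
    "ssh-rsa", "ssh-ed25519", "ssh-dss",
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
)


def parse_line(line):
    """Return (key_type, blob) for an authorized_keys line, or None for blanks/comments.

    Options such as command="..." may precede the key type, so the line is scanned
    for the first key-type token. Quoted options containing spaces are tolerated
    because the key type and blob never contain spaces themselves.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens = line.split()
    for i, tok in enumerate(tokens):
        if tok in KEY_TYPES and i + 1 < len(tokens):
            return tok, tokens[i + 1]
    return None


def fingerprint(blob):
    """SHA256 fingerprint in the format ssh-keygen prints (base64, padding stripped)."""
    digest = hashlib.sha256(base64.b64decode(blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def find_reused_keys(files):
    """Map fingerprint -> sorted list of accounts, for keys trusted by more than one account."""
    seen = defaultdict(set)
    for account, lines in files.items():
        for line in lines:
            parsed = parse_line(line)
            if parsed is not None:
                seen[fingerprint(parsed[1])].add(account)
    return {fp: sorted(accounts) for fp, accounts in seen.items() if len(accounts) > 1}


if __name__ == "__main__":
    for fp, accounts in find_reused_keys(AUTHORIZED_KEYS).items():
        print(f"{fp} is trusted by {len(accounts)} accounts: {', '.join(accounts)}")
```

On a real estate the per-account lists would be collected from each host's `~/.ssh/authorized_keys` (and any `AuthorizedKeysFile` overrides in sshd_config); a key that turns up in both an unprivileged account and root, or across trust boundaries such as a web tier and a database host, is exactly the kind of shared credential the post is warning about.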
Re: And you would know this how
Errmm by looking at the source of the webpage, by viewing portmap info, by viewing my router log. I could go on but then it must be over your head. So no, those pages don't "root any *nix operating system". They simply provide tools to do so when you choose to employ them.
Re: The reality is all too real
@RICHTO
"Web site to root a UNIX based system just by visiting a URL - here you go:"
I see the usual abysmal quality of your 'information' hasn't improved with the new year - what a load of FUD
Thanks all the same, but you can keep yer penguins ;)
"That doesn't look too friendly."
Nothing is perfect.
Oh, look BSD trumps... yet again. Happy days!
Every time someone says 'Linux' I'm gonna say, "Pah! BSD" ;p
Re: The reality is all too real @Danny 14
Well you are wrong then, most Linux exploits are via OS vulnerabilities: http://www.zone-h.org/news/id/4737
Re: The reality is all too real
I'm not clear how that is FUD - the first link will root unpatched iOS based systems - which is based on BSD UNIX - and the second will root unpatched Android systems - which is based on Linux.
Re: The reality is all too real
@RICHTO
"I'm not clear how that is FUD"
Gosh, I thought you'd know !
Just visiting the link doesn't root the phone - you have to get involved - there's even a link for donations for goodness sake.
This no more roots an OS than me deciding to put a different Linux distro on a computer as far as I'm concerned.
Re: The reality is all too real @Danny 14 @RICHTO
I say again, this time to RICHTO. Read the article you link to.
This statistic is for defaced websites, not OS vulnerabilities. If you don't know the difference, then you should probably not be taking part in these discussions.
I'm also not sure about the data from Zone-H. The stats you point to are for 2010, and looking at the dates on the news pages (latest, September 2012, total news items posted in 2012, 2, total posted in 2011, 5), it looks like it is a site in decline.
Re: The reality is all too real @RICHTO
WRT the FUD claim and the links to URLs that you claim will affect iOS and Android.
Question. Do you understand the application deployment model in either iOS or Android?
In both cases, the way applications run is handled by a layer ABOVE the OS. So when you talk about it 'rooting' the OS, that is almost certainly not the correct terminology. Rooting by definition means getting access to the root account on UNIX-like OSs.
What has been compromised here is the application framework, *NOT* the underlying OS. In both cases, the underlying OS will be untouched. In terms of what a user sees, the result may appear to be superficially the same, but if you are going to make such claims, it is vitally important that you understand what you are talking about. Anything else is FUD, especially if you are spreading fear as a result of your uncertainty and doubt.
These specific issues are rather analogous to a Facebook application or account being hacked or a vulnerability in IE or other browser, while the underlying OS, whatever that is, remains untouched (unless, you run the browser from an admin account of course, in which case all bets are off).
This is one of the historical differences between UNIX based OSs and Windows. Unless you take specific actions, you will *NOT* be running applications as a privileged user on UNIX, BSD or Linux. This was not the case on Windows before Vista, where many people's normal accounts had full Administrator privilege. This has changed, for which I say Hurray! but it took a long time for MS to recognise this (although NT was designed with a good security model from the ground up, even though it was rarely used to full potential).
Re: The reality is all too real
Please point me at a Jailbreak for Windows Phone 8? Or Windows RT?
Re: The reality is all too real @Danny 14 @RICHTO
Try reading the page that I linked to - and you will note that the exploit methods are discussed in some detail.
Everything I have found indicates that the gap is only widening in the last 2 years and that exploits of Windows servers are becoming ever rarer, whereas Linux is staying pretty much the same...
Link to more recent data then if you have any? I would be interested in any material with actual analysis of attacks.
