[linux-elitists] Are we Dead Yet? (or "For every sprinkle I find, I shall kill you!)

Rick Moen rick@linuxmafia.com
Fri Jan 21 15:02:44 PST 2005

Quoting Don Marti (dmarti@zgp.org):

> You're not talking about the Honeynet report, are you?
> Report date: 17 December 2004.  EOL date of _latest_
> Linux release cracked (Red Hat 9): 30 April 2004.
> http://www.honeynet.org/papers/trends/life-linux.pdf
> http://www.redhat.com/migrate/
> I don't really see what the report shows, other than
> "unmaintained software on an Internet host will
> eventually get compromised."

Indeed, I'm getting really tired of seeing bullshit "reports" about Linux
security by self-promoting security-industry flacks.  

    A total of 24 unpatched Unix honeypots were deployed, of 
    which 19 were Linux, primarily Red Hat.

    [...]   Of these, only four Linux honeypots (three RH 7.3 and 
    one RH 9.0) and three Solaris honeypots were compromised. 
    Two of the Linux systems were compromised by brute password 
    guessing and not a specific vulnerability.

One is moved to wonder _why_ you would leave a glaringly obsolete
Linux distribution unpatched.  Both RH 9 and 7.3 are now EOL; even
errata for them are no longer published:  Updates, as you say, ended
last April.

And, c'mon:  Those distributions were released 20 months and 32 months
prior to the study's date of operation, respectively.  

I'd have had a _little_ respect for the study if they'd at least
included a disclaimer to the effect that "Naturally, it was a really
obviously crazy stunt to run these obsolete systems, in December 2004, 
completely without customary patching and exposed to the global
Internet, but using more-realistic and modern systems would have made
for a dull study." 

But, sadly, they did not.

I'd say I was disappointed, but I've learned not to expect much from
security-industry "studies".

I note that the paper is unsigned.  How convenient:  Nobody specific to
complain to.

Cheers,                                      Hardware:  The part you kick.
Rick Moen                                    Software:  The part you boot.

More information about the linux-elitists mailing list