Quote:
Originally Posted by ThE.BeSS
I have a Windows Hosting , and i have heard from friends that windows hosting is not so safe ,Linux is safer.
I like the windows hosting and i had NEVER problems with it ,but i had some problems with file access because its not like in linux so i had to contact the support several times ,then i learned how to change the file access thanks to the great support  |
Security, comes down primarily to the person that's putting it in place, and not by the OS choice.
Security is a process and not a product, and itself has a field all of it's own, though I think what you're possibly referring to is a myth that seems to have come about due to Chinese whispers.
The Microsoft Architecture is notably one of the most used platforms, given that people use it within their workplaces, and also their homes, much above that of linux (though there have been a lot of recent developments in the linux world which mean people are starting to use it more). Some may say that this is the reason that a vast majority of the viruses and worms that float about the internet these days are geared towards the Microsoft platform, which in part may be true, though the real thing here is the way that a Windows machine works. When Windows was first created, it was a single user system, ie that user had access to do everything to that system, windows 3.1, 95 and 98 are examples of this single user system. Along side that, was Windows NT 3.1, NT 4 and 2000, but these were multi-user systems, primarily used in the business world. Microsoft wanted to bring the advantages of Windows NT, and the look and usability of Windows 95 to create a new unified Windows.
This is how Windows XP came about, which in itself is more secure than it's counterparts. The problem lies with the fact that people would need to understand what a multi user system is, and given that would take time for people to get used to, they went along with the idea that the account that it created during setup, was added to the administrators group allowing them the same access that they had when they used to run Windows 98, the ability to install applications, and the ability to change system settings. By far and wide this is one of the worst things that they did, because it meant that without knowing what a multi user system is, people didn't utilise it to it's full advantage, they just carried on as if they were still using Windows 98, but with a new look.
There are 2 types of user account available as standard in Windows XP, an Administrator, and a Limited User account, though most people still today use an Administrator account for their daily activities, such as reading this forum, or reading their emails, instead of using a limited user account, and then only using an administrator account for when they have to perform specific tasks. The other reason that people use an Administrator account by default, is due to bad programming by application writers, that request to be able to write to a
system area(Program Files), rather than the
user area (Documents and Settings).
This is where the Virus writers use social engineering and the understanding of how people use their systems. For a windows file to be executable, it only needs to have a certain extension, ie exe, cmd, scr etc. Knowing the fact that most people are using an administrator account to perform their daily tasks, means that by sending an email with an attachment in it that appears to be from someone you know, would make you want to look at the attachment to see what it is, and by doing so executes the attachment with administrative rights, which can do anything from deleting your entire hard drive, to installing torjans, which means that they can later access your system for whatever means that they want, and even today, people have firewalls installed that block access coming in, but allow everything out, and those that do warn about outgoing connections, are commonly dismissed by the user under the idea that 'well if it's asking for it, then it needs it'.
In an attempt to fix this, Microsoft created UAC, which is present in Vista, and lo and behold, how many people have got to the point of irritation because of not being able to do something that you were able to do before. This has also forced the bad application code to be re-written, so that it does write to the
user area as opposed to the
system area.
When looking at the comparison to a linux system, a password for the root account is created during the install, but the account that you create is a standard user account, and as such, everything you do is with a standard user account, and only elevating those privileges when required. It doesn't mean that you can't use a root account to browse the internet, or read your emails, though a vast amount of programs do infact check first to see if you are logged in as root, and if so, won't allow their execution. To be able to achieve the above with a standard user account, you would first have to save the attachment, then you'd have to give it permission to execute (regardless of extension), all before you could run it, which even then, would only effect your
user area, rather than the
system area.
So when you look at it like this, you can see how one may appear to be more secure than the other, though in reality it's more in the understanding of how to configure it. Windows
can be secured in the same way that linux is, it's in the understanding of how to do it that creates the problem. Linux doesn't care if you understand how to do it, as it does it from the outset, Windows on the other hand, doesn't do it from the outset, and expects you to know what you should do - and people said that linux was too difficult to understand.
No doubt people will be able to add / take away from this, though it's just a personal insight into it, hopefully it may help others to understand somethings they didn't before.
windows hosting vs linux hosting
Linear Mode
