I read an article on the web a while back (sorry, don't have the URL and therefore cannot vouch for it's authenticity or accuracy). It compared network vulnerabilities of Windows systems and Linux systems both patched & unpatched. They connected the systems to the web and noted that the various unpatched flavours of Windows OS were all compromised in short order (within hours or less I believe) whereas the unpatched Linux flavours remained uncompromised. However when properly patched both Windows and Linux flavours all remained uncompromised over a period of a month. Of course add the human factor and any OS is vulnerable. And the more services you have running, the more potential vulnerabilities may exist on any OS. I was under the impression that the tests dealt with systems in a laboratory environment (were not used during the course of the test other than patching and checking for compromise and such). I qualify this because I know some will no doubt jump in and say how this system or that system was compromised despite being patched. Or the OS itself was not compromised but rather a service running in the OS, or whatever. The short and sweet is both Linux and Windows systems have the ability to be fairly secure in a networked environment (i.e. Internet). The largest influencing factor being the human factor. Security and usability are typically at the opposit end of the spectrum. If implementing of a particular security measure is too difficult for the average user, or inhibits usability too much, it will inevitably fail to provide the degree of security it was designed to offer. Jacques B.
