Linux life-span on the up

Random acts of senseless violence against Linux and Unix servers have dramatically decreased recently, with the average low-value Linux box expected to last a few months before being compromised, a report out this week says.

The Honeypot Project said that unpatched Linux boxes connected to the Internet had a mean time to compromise of three months during 2004, compared to 72 hours during 2003.

Similar data collected from Windows honeypots recently suggests a time to compromise measured in hours or minutes, due to the general Internet background noise of Windows network worms.

The Honeypot Project data is based on a small sample of 24 Unix boxes, 19 of which were Linux. They were set up resemble low-value targets, not registered in DNS or search engines.

Four Linux honeypots and three Solaris boxes were compromised. Two of the Linux systems were compromised by brute password guessing and not a specific vulnerability, Honeypot said.

The report speculates that the reason for the sharp increase in life expectancy may be due to stronger default configurations and the fact that attackers tend to attack Windows boxes more often.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing