LUGOD: Linux Users' Group of Davis
Page last updated:
2002 Oct 03 00:32

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

[vox] ucsb outlaws win2k and NT 4.0 from its resnet



----- Forwarded message from Curtis Kline <ckline@housing.ucsb.edu> -----

Subject: RE: win2k
Date: Tue, 1 Oct 2002 17:34:37 -0700
From: "Curtis Kline" <ckline@housing.ucsb.edu>
To: "Peter Jay Salzman" <p@dirac.org>
Cc: "Resnet" <Resnet@housing.ucsb.edu>

Pete,

Thanks for the inquiry. The kind of attacks we saw on UCSB ResNet last
year were specifically targeted at Windows 2000 systems. They ranged
from Nimda and Code Red to an IRC-zombie-bot compromise that gave people
pretty much complete access to the Win2k box.

UCSB ResNet does not have a security guru on staff. We rely on our
direct experiences and the advice we get from other university security
resources. What we saw last year was that Windows 2000 systems were at
the root of 90% of our compromises last year. When a student's box gets
compromised, we have to spend a *huge* amount of time fixing the
problem. We first try to determine how the attack happened, then we
assist the user in backing up their data, reformatting their drive,
reloading an OS, and reloading software. We decided that if Windows 2000
were not around, these problems would likely go away.  And they did.  

We have not had one compromise of this type since startup, even though
other schools have reported large numbers of them.  We consider the
experiment a success. We now have Windows 95, 98, Me, XP Home and XP Pro
on our network (among others), and not a major compromise so far (except
for one poor guy who got his Red Hat box owned through an ssh
vulnerability). Yes, I am knocking on wood.

So I cannot tell you what specific problems exist in Windows 2000 that
do not exist in Windows XP. I have not analyzed it that closely. But
whatever they are, the difference, at least for us, is like night and
day.

Let me know if you have more questions.


Curtis

______________________________________
Curtis Kline
Residential Network Coordinator
University of California Santa Barbara
805.893.4016 Voice
805.893.4766 FAX
 

+ -----Original Message-----
+ From: Peter Jay Salzman [mailto:p@dirac.org] 
+ Sent: Tuesday, October 01, 2002 5:18 PM
+ To: Resnet
+ Subject: win2k
+ 
+ 
+ you state that people aren't allowed to use win2k without permission on
+ resnet.  the reason is:
+ 
+    Residents' computers were compromised with several well-known
+    vulnerabilities and used for all manner of unfriendly purposes such as
+    the installation of viruses like Code Red and Nimda on other residents'
+    computers, denial of service attacks, and port scanning.
+ 
+ you go on to suggest that people upgrade to XP.
+ 
+ i'm curious what problems exist in 2k that aren't present in XP.  i seem
+ to recall more vulnerabilities with the release of XP, like their 'home
+ control' feature which allows any remote user to gain full access to the
+ operating system.  the hole got plugged a month after it was discovered,
+ but it seems like there's more and more XP holes that are popping up.
+ 
+ i'm not advocating switching everyone over to linux, but i'm just
+ curious about the reasons for nixing 2k and not XP.
+ 
+ pete
+ 
+ -- 
+ Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
+ 

----- End forwarded message -----

-- 
Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox


