trojan problem

[Anders Karlsson]

On 1/30/06, Sven Wagschal <s.wagschal at bengelhaus.de> wrote:
> Anders Karlsson schrieb:
> > Linux is not invulnerable to virii, and there are hundreds of virii
> > for Linux, they just do not spread so easily. Because Windows has a
> > much larger install base, and usually less cluefull users, virii
> > writers targets Windows because the reward is bigger.
> >
> > Do not make the mistake of believing "because I use Linux no harm will
> > come to me". The bigger the install base, the bigger the target and
> > the bigger the reward for a successful virii.
>
> Then, why are there many virii which target Windows servers, but only a
> few (if any) that target Linux Servers? There are way more
> Apache-Web-Servers than Windows servers, but interestingly exploits are
> primarily target at Windows (despite the install base).

Could be that IIS was installed and running by default (until
recently) on Windows desktops perhaps, making the available IIS
install base far larger than Apache on unices...

If there is a 50/50 split, whatever is easier to exploit will be
targeted. That may even be true if there is a 35/65 split, if the
gains to be had targeting a smaller number of servers outweighs
targeting the bigger section. Apache on unices (generalisation) tends
to be managed by people that are aware of security. This is not the
case for many Windows homeusers that may not even be aware that IIS is
installed/running on their desktop.

> There was an article some years ago which argued that the "install base
> argument" is mostly wrong:
>
> <http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/>

There is always two sides to the coin.

We are drifting OT here, so if anyone wants to continue this thread,
we'll use sounder or private mail - ok?

--
Anders Karlsson <trudheim at gmail.com>