|
Windows vs Linux Server |
|
Author(s):
(unknown) |
Institution:
Sana Security |
Year:
2006 |
URL:
http://blogs.zdnet.com/threatchaos/?p=311 |
Project Description:
On April 14th, 2006, Richard Stiennon wrote an article in ZDNet entitled Why Windows is less secure than Linux. Stiennon starts by saying: "Many millions of words have been written and said on this topic. I have a couple of pictures. The basic argument goes like this. In its long evolution, Windows has grown so complicated that it is harder to secure. Well these images make the point very well".In his post, Stiennon explains that both images (shown here) represent a map of system calls that occur when a web server serves a single HTML page with a picture. The same page and picture have been used on both servers for the purpose of testing. Richard further explains: "A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater potential for vulnerability, the more effort needed to create secure applications". The resulting images were generated by Sana Security. The first image is of the system calls that occur on a Linux server running Apache; while the second is of a Windows Server running IIS. The images speak for themselves.
|
|
|
|
|
|
Comments (21):
|
|
|
|
|
so why would this be hosted on an IIS server then?
Posted by Nunyas on Feb 22, 2007 at 10:10 PM (GMT)
|
|
|
|
|
I disagree. I think the first one is IIS and the second one is Linux/Apache :)
Posted by Gary@LXPages.com on Feb 23, 2007 at 10:06 PM (GMT)
|
|
|
|
|
Sure would be nice to have clickable images... I can draw boxes with lots of lines on them too! :D
Posted by Falcon4 on Mar 20, 2007 at 1:24 AM (GMT)
|
|
|
|
|
There is the best comparison - http://claimyourvista.com/article_4
Posted by rGizmo on Apr 27, 2007 at 7:09 PM (GMT)
|
|
|
|
|
rGizmo, the suggested link can hardly be considered the best comparison... It's extremely biased and inaccurate. The IE vs Firefox comparison is hilarious. What a service of misinformation.
Posted by Manuel Lima on Apr 28, 2007 at 11:51 AM (GMT)
|
|
|
|
|
re: claimyourvista.com
What a Joke!
Looks the whole site was done by 5th graders who believe anything their told. Uncle Bill must have paid them in lolly pops for putting up this site.
Posted by royce knight on May 10, 2007 at 7:40 PM (GMT)
|
|
|
|
|
An interesting article on this topic: http://tinyurl.com/yvf6gd
Posted by Manuel Lima on Jun 13, 2007 at 5:25 PM (GMT)
|
|
|
|
|
If Katie Holmes a 'Most Influential' Celeb than "Victor Matell" is the Anti Christ
Posted by matell on Jul 4, 2007 at 5:56 AM (GMT)
|
|
|
|
|
@claimyourvista.com: I think that's satire, honestly. If it isn't.. jesus.
@images: I'd like some proof other than a box with lines, maybe some words?
That's all I got
Posted by Comrade Smack on Aug 28, 2007 at 7:26 PM (GMT)
|
|
|
|
|
Why it's only possible to leave a comment on sites recommending Linux? I've never seen a site recommending Windows with that feature.
Posted by GME on Nov 9, 2007 at 8:49 PM (GMT)
|
|
|
|
|
If you click on the URL above to the zdnet article, you can see the larger images.
Posted by Some Guy from the Future on Nov 20, 2007 at 12:17 PM (GMT)
|
|
|
|
|
I made that diagram while at Sana Security. I was the lead developer of the instrumentation portion of their "PrimaryResponse" product at the time.
The diagram used the raw instrument data from a running system loading a single static web page -- the raw data is basically a set of timestamp/system-call/return-address tuples which I fed into a series of Python scripts which emitted input to Graphviz (dot language files). From the tuples, you get a pretty good idea of the trajectory of the execution of a program (which is what Sana's analyzer used to "fingerprint" normal vs. abnormal behavior of programs).
Using Graphviz to visualize the paths, I just did it on a lark. I have been surprised that it has lived on (people email me links to this stuff five or six years after I did it). I don't have the original images; and in my last move I lost the poster I made (6ft x 4ft pieces of paper). On my decent desktop system at the time, Graphviz took more than 24 hours to render the IIS version of the diagram.
Graphviz is an amazingly useful tool.
Posted by Tim Kordas on Nov 21, 2007 at 5:23 PM (GMT)
|
|
|
|
|
Suggest you try doing a whois on claimyourvista.com
rGizmo seems to be having an identity crisis :)
Posted by lowly seer on Jan 10, 2008 at 3:16 PM (GMT)
|
|
|
|
This is cool link:
http://tinyurl.com/yvf6gd
Posted by Jasubhai on Jan 31, 2008 at 2:33 PM (GMT)
|
|
|
|
|
Thanks Jasubhai. This link has already been mentioned above.
Posted by Manuel Lima on Jan 31, 2008 at 4:05 PM (GMT)
|
|
|
|
|
Beware people, the link provided by Mr. Gates (rGizmo) contains hoaxes. Just add it to your squid ACL.
Posted by dorky dork on Feb 17, 2008 at 2:55 PM (GMT)
|
|
|
|
|
I have a suspicion that claimyourvista.com is a joke site.
Posted by IllegalCharacter on Apr 10, 2008 at 4:32 PM (GMT)
|
|
|
|
|
According to Tim Kordas' notes above, the date on this diagram is wrong. He states that he did this 5 years prior to his post (i.e. 2002).
That also means that it refers to IIS 5.0 on Windows 2000. As noted on wikipedia, the current shipping version is 7.0 has a completely rewritten modular architecture:
http://en.wikipedia.org/wiki/Internet_Information_Services#Version_7.0
Posted by Sean on Aug 24, 2008 at 8:54 AM (GMT)
|
|
|
|
|
That really sends a message - wow!
I found this interesting article on how visualization is making it into Enterprise software:
Visualization Video
Posted by Alon on Oct 15, 2008 at 9:27 PM (GMT)
|
|
|
|
|
These pro-windows comments reek of emotional-bias. As anyone who has had the chance to use Windows and a Mac or Linux on a regular basis knows from experience, Windows use entails contant user intervention to defend against and recover from spyware and viruses.
Posted by Pedru on Jul 23, 2009 at 3:57 PM (GMT)
|
|
|
|
|
These pro-windows comments reek of emotional-bias. As anyone who has had the chance to use Windows and a Mac or Linux on a regular basis knows from experience, K?z Barbie Oyunlar? Windows use entails contant user intervention to defend against and recover from spyware and viruses.
Posted by Mario on Jan 21, 2010 at 7:36 PM (GMT)
|
|
|
|
|
| *Note* Before you submit your comment, bear in mind there's no guarantee it will be seen by this project's author. In case you want to contact the author directly, please follow the provided URL. |
| Leave a Comment: |
|
|
|
* COMMENTS HAVE BEEN TEMPORARILY DISABLED *
(We're looking for the best solution to avoid unwanted SPAM)
|
Follow on: 
