August 4, 2006 at 4:55 am #611
I am sure some of you are thinking “oh god not this tired old argument again!” I understand, but I thought I would discuss it from the hackers perspective and without any emotions like “I like Linux more because if you take the name Bill Gates and convert it to ancient Sanskrit and then to Latin and then convert to numerals it equals 666, which must mean he is the anti Christ! I thought it might be interesting to some of the younger people on the forum that don’t really know the history of the linux vs windows issue.
I am more about getting the job done and I don’t care what OS I use. I remember reading some place that a person’s preference for an OS reveals more about that person than the OS. As cold as computer people are supposed to be as displayed in movies, I actually find them the opposite. I am surprised how passionate about technology many are and often their allegiance to an OS is sometimes emotional based.
Linux was embraced as the OS of choice by the underground for the longest time, but why was that? Several reasons existed. Back in the days of when windows 98 had just come out, linux was definably ahead. Windows 98 was a “wanna be” 32 bit overlay gui struggling on a 16 bit DOS underbelly. Not the most stable environment and was prone to crashing. It was said that Microsoft was worried about legal problems from Apple if they created a pure 32 bit OS since they “borrowed” the windows idea from Apple during there brief association together. So they were stuck with pushing something not as efficient or stable. Also, the underground seems to attract some very paranoid people and I remember a lot of people being worried that Gates had hidden some kind of spy ware deep inside windows and because everyone from the government to financial institutions used it, Gates was set up to be the next Lex Luther or Dr. Evil !
Early on many of the hacking tools were written only for linux, making it difficult to do much without at least some knowledge of that OS. Linux stood out, a powerful 32 bit OS that you could open up and look at the source code and you could tweak it so many ways to what your preference might be. Windows was seen as closed and hidden and being pushed by one greedy man on the entire world! If you have never been exposed to this kind of thinking, perhaps now you can see why the underground embraced linux so feverishly!
What about the tools available today? Is one platform favored above another? This is difficult to answer because each pen tester favors certain apps and therefore might lean more towards one OS over another. However, if we were to analyze the Top 100 Network Security Tools that are listed on Insecure.org and use that list as a standard, we find some interesting facts. If you were a linux only user there are 22 exclusive windows apps you could not use on that list. If you were a windows only user, there are 25 linux apps that would be unavailable to you. It’s so close to being even that you could not say one OS is more important than the other.
As for me, I can’t say one is better than the other at this point in time and I am referring to its use in the art and science of hacking. I am certainly not referring to the OS I would recommend to my grandma! That OS would be a very obvious choice indeed, lol! When XP was introduced for everyone, being a truer 32 bit structure, things really changed, although you would still see people that were loyal to linux calling it windoze. Its just too hard to let go of your prejudice sometimes. Now windows was fast and more stable. It actually started to feel like it had the power of linux or unix. By the way, if you wanted to get flamed back in those days, just go to a hacker forum and post that your favorite ISP was AOL and you ran windows! Actually, all you had to do was say something nice about windows !
I have done some very efficient hacking with windows and I can’t say that the reverse shell I get is in any way less stable. There have been times I felt I had better results with nmap using linux. Exploits if they are ported correctly work just fine with windows. Ok, so where am I headed with all of this? Yes, you guessed it, for me the best set up is using both! Both have their strong and weak points. They really compliment each other. I run linux on one laptop and windows on another. Right now I am using XP pro and Fedora Core 5.
Say for instance I want to crack WEP. I will run airodump on my windows machine and at the same time, I will run aireplay on my linux laptop. I do all my reconnaissance work with windows. Scanning is 90% a linux operation for me. If I want to use a bootable cd, well I better know my linux! Anyway, I hope you see how I jump from one to the other and I find this really works well.
So, is one easier to hack than the other? That’s a loaded question because it depends on the set up. For many years the cry was linux was more secure because you could turn off services and customize the installation more so than windows, etc… However, it was an embarrassing statistic to the linux aficionados that the most hacked servers in the world were linux! I can testify to the fact that both windows and linux, if properly configured, have the ability to be nearly impenetrable!
That’s my perspective on it and I try to be as objective as I can, because as I stated before, I am more interested in getting the job done!
August 6, 2006 at 5:02 am #9934Don DonzalKeymaster
Well thought out opinion piece. Here’s a few quick thoughts:
1. The Linux bias is still around. For most people, if they even mention liking Windows, especially in hacking circles, they get that weird look or reaction.
2. *nix servers were most hacked, because most servers ran *nix. Same thing for Apple machines when they dominated the market, just as the case is for Windows today. And as Linux becomes more popular as well as Windows Server 2003, look for the same.
3. As for me, I use a percentage of OSs that closely matches the current statistics. Mostly Windows, some Linux, and very infrequently, Macs. As mentioned, it helps get the job done.
4. With the complexity of networks and systems constantly on the rise, pen testers or ethical hackers, are now becoming more specialized. Thus the increased prevalence of Red Teams, groups of individuals with different areas of expertise. Even though it is a good thing to be well versed in many areas (OSs, networking, code, etc.), it is very difficult to become an expert in them all. For this reason, Linux gurus will always have a place at the table with the Windows expert, the code master, the Cisco king and others.
August 6, 2006 at 9:29 pm #9935
while not disagreeing with either one of you. my for example is what was the last good exploit for the linux 2.6 kernel? we just had a great local root exploit but how about the last remote exploit for 2.6?
is that a result of security professionals not focusing on linux for exploits or its open source philosphy?
August 7, 2006 at 5:44 pm #9936pcsneakerParticipant
I think there is an important point you missed when talking about the pros and cons.
I definitely agree that there is no “best operating system”, each of them has strong and weak parts (personally I’m using XPpro and ubuntu on my laptop, Debian and Win2003 on the server side depending what I want to achieve).
But why using “windows ports” ? Why not the original version ? If there is a unique tool that only run’s on windows I would use it without any hestiation (actually there are very little of them), but I would’nt look for a port when I can get the tool in it’s native operating system.
What’s the biggest point (at least for me) to use linux for pentesting ? The answer is that you get the sources for each and every tool, you can tweak and modify them as you need (and often it is necessary to do some changes, be it as simple as for instance recompiling a virus to try avoiding detection by a virus scanner – yes I know that’s a windows example but I think it shows the idea …) and it’s far more easy to fully control the behaviour of your own system, to access system ressources etc (just think about the problem that nmapwin had when XPSP2 came out, a lot of options suddenly didn’t work any more).
If running availabe tools is all you need (and often it can be sufficient to do that) your choice can be windows or linux, just the availabiltiy of a tool will limit your choice.
But (once again at least in my opinion) the goal of a pentest is to determine as close as possible if the system tested is vulnerable – not only if the system resists to attacks using tools acutally avaible on the net, and that is a goal you clearly cannot achieve using only windows tools.
I think that a skilled pen-tester absolutely needs to know more than one operating system, and as of now I also think that a serious pentest without having linux skills is not feasible.
August 9, 2006 at 2:12 am #9937
I think you see less new exploits for linux for a number of reasons. Certainly one reason is because of the open source policy. You have a lot of really great programmers inspecting the source code for flaws. Also, linux has less lines of code to exploit.
I spoke to a former Microsoft programmer once and he said some of the reasons windows exploits seemed to abound were do to misguided thinking that was prevalent at Microsoft early on. So much of it was spaghetti code being pieced together and programmers were under tremendous pressure to make deadlines to write code that would be compatible with everything out there. Most of the hope was that by making the source code closed, that alone would prevent exploitation. Well, that proved to be wrong!
In some hacker circles it was considered wrong to exploit linux. You should only target the evil greedy empire of Microsoft. However, it’s funny how it was ok to exploit linux servers because many of these were evil greedy capitalists taking advantage of a free OS for their personal profits. I guess you can rationalize just about anything if you try hard enough.
If someone told me I had to choose only one OS to hack with, I would have to pick linux. However, I would say it would be sad to not have access to these windows only programs, Cain and Abel, Netstumbler, GFI languard, Superscan, L0phtCrack, Sam Spade, Core Impact, SolarWinds, Pwdump, Angry IP Scanner, Brutus, etc…
August 15, 2006 at 4:01 pm #9938oleDBParticipant
I agree with you 100% that they both have their place, but the only reason I keep a windows system at home is for gaming. For the most part, I think a big reason for people using Linux is that its free and people either don’t want to pay for Windows or are too lazy to pirate it. Either way I think people are underestimating the cost factor that goes into choosing an OS. There are some exceptions, like people choosing linux to get more experience on the platform, however rarely is it some ideal of open source over close source or its more secure, thats just a smoke screen for cheapskates who don’t want to pay for an OS. If Vista was priced between 50-100 bucks for the various versions, I think you would see alot of people buying it, whereas people sick of the WGA just don’t want the hassle, so they run ubuntu or debian. In a large scale professional environment, I would have to say maintenance of an open source linux distro(ie Not Redhat Enterprise or Novell SUSE) is much more difficult then windows. Microsoft provides a more structured upgrade path, better documentation, and better support. For a small shop linux makes sense, but when your talking 500-1000 servers, I think running an open source linux distro is a bit more difficult.
August 15, 2006 at 5:39 pm #9939
Interesting thoughts. I wonder if every admin that has had extensive experience with both platforms would agree windows is easier. Not an Admin that has had a large windows background and just a little linux pushed on them. That might be an interesting poll.
My feeling is with the exception of Redhat, windows is easier to administer. Of course if you subscribe to the Redhat tech support, its not really a free OS. If you go through all the Redhat training , it can cost a small fortune!
My liking for linux is based on the fact that I can “tinker” with it and do some customization. I consider it the OS for the hobbyist so to speak. After all, hacking really meant the ability to alter things to run in a different way. Based on that definition, it could be called the true “hackers” OS.
August 15, 2006 at 7:22 pm #9940oleDBParticipant
Yeah, I think linux is really close to becoming a viable OS for non-techinical users. I think better driver support and a little more work on the package management side and its there. I’m a big fan of linux, unix, and I’m not a windows hater either. The only OS I really don’t have any experience on is OS X, and from what all my MAC fanboy friends say, its extremely slick.
I really separate out Redhat Enterprise and Novell Suse from the other “free” linux distros, because there not really free and they have support/training/etc close to what you get with Microsoft. Also, IBM and Dell have made big gains with their Redhat Enterprise servers here in the US.
October 20, 2006 at 4:01 am #9941
Just a quick update. If you want to hack with windows, you should not have SP2. Windows with SP2 is not hacker friendly!
December 11, 2006 at 6:56 pm #9942ethnetParticipant
One thing – how secure is linux/unix kernel.
Just another – secure deployment of network services (Apache, PHP, xSQL, DNS, SMTP)
December 11, 2006 at 9:51 pm #9943
i’d say the current 2.6.x kernel is fairly secure.
December 11, 2006 at 10:46 pm #9944divineParticipant
I grew up as a Sys Admin on Unix (Solaris) systems mostly. I think that tends to pull me to be more biased to the *nix market. I feel more at home there. Windows is definitely the more “user friendly” environment but Linux OS’s are getting close (Ubuntu is very user friendly).
As far as a professional perspective, Linux is my OS of choice for pen-testing and analysis (performance, tools, customizability), bear in mind though I have VM’s of Win 2000 and XP, Server 2000 and 2003 as well. It is hard to RE Malware on a non-native platform and I do alot of that.
Security wise, I think Linux is not inherently more secure. It is however not targeted nearly as much and therefore benefits from it’s lack of market dominance on the regular commercial customer base. Although Security Flaws exist and are exploited on Linux, they are not published nearly as often as Windows. Reknown is gained and botnets are grown by finding Windows Vulns, finding a linux vuln does little today for the average hacker…
Just my 2 Cents….
December 21, 2006 at 12:48 pm #9945plikParticipant
From an general admin point of view, (and i do hate to say this because I love my open source) I prefer Windows. Although that may be down to the lack of enterprise linux experience.
But from a more hacker point of view, use the right tools for the job, windows, linux OS X whatever. At home I use all of them but tend to use OS X more than others. Why? It does *nearly* everything I could do on a Linux machine, but I don’t have to worry about will I have to reinstall a bunch of stuff next time there’s a gcc update (I had bad experience with gentoo) AND my wife thinks it’s pretty enough to get her email on (and I don’t have to worry about the state of it when she’s done with it). That might not be the best business case for moving to mac if you due a technology refresh soon though.
December 28, 2006 at 9:41 pm #9946psychoruggerParticipant
I know the whole talk about this one is Linux vs. Windows, but I think the question these days should be closer to open source vs. closed source. I grew up with ‘nix platforms which strangely was the first operating systems I had ever seen. You can imagine this GUI thing was very unfamiliar to me the first time I saw Windows and like everyone else was in “awe” at it’s ease of use. When I heard the price tag for it, I decided to stick with my ‘nix. However, I eventually realized how many cool tools I was missing out on like someone else mentioned earlier. I mean, I have a ton of uses for Cain and Abel and love it. BurpSuite is much easier to teach to my level 1 guys using Windows than it is Linux because they don’t know Linux. Windows is what they grew up on. Things like that. On the other side of that, MacOS X is a good tool to use for hacking I think because of the power built behind the Mac hardware. BSD is also a fantastic resource. Unless it’s not available to me, I try to put some implementation of OpenBSD on my external facing sites, even if it’s just a reverse proxy or something like that. That being said, now you have Sun contributing to open source a little more with Open Solaris/Solaris 10 which includes zoning. Huge tool because if you know how, you can push several tools into different zones and run them simultaneously without having to worry about one conflicting with the other.
There are some things that MickeySoft is good for and it all depends on it use. I always fight putting a Windows Webserver up, and if I’m forced to, I fight to put something more than just a firewall to protect it. Let something else take the blow that can actually take it.
Though I am a major supporter of open source and ‘nix platforms, there are many great tools and things that I would miss if Windows wasn’t around, but I definitely don’t use it as much. I think it is necessary though.
- You must be logged in to reply to this topic.