126 CHAPTER 9 HOW TO SECURE YOUR (Top ten web hosting)
126 CHAPTER 9 HOW TO SECURE YOUR COMPUTER The situation is certainly getting better but, even so, Microsoft s latest operating system, Windows XP, provides many good examples of why it s an easy target. Upon installation, the default user is given root powers. True, a handful of tasks can be performed only by the genuine administrator, but the default user can configure hardware, remove system software, and even wipe every file from the hard disk, if he pleases. Of course, you would never intentionally damage your own system, but computer attackers use various techniques to get you to run malicious software (by pretending it s a different file, for example) or by simply infecting your computer across the Internet without your knowledge, which is how most worms work. Viruses and worms also usually take advantage of security holes within Windows software. As just one example, a famous security hole within Outlook Express allowed a program attached to an e-mail message to run when the user simply clicked a particular message to view it. In other words, infecting a Windows machine was as easy as sending someone an e-mail message! It s a different story with Linux. Viruses and worms are far rarer than they are on Windows. In fact, the total number of viruses and worms that have been found in the wild infecting Linux systems number far less than 100 (one report published in 2003 put the number at 40, and the number is unlikely to have grown much since then). Compare that to Windows, where according to the Sophos antivirus labs (www.sophos.com), approximately 1,000 new viruses are discovered every month! The Sophos antivirus product now guards against just under 100,000 viruses. Note The high number of Windows viruses may be due to the quantity of Windows PCs out there. After all, for a virus to spread, it needs computers to infect, and it won t have trouble finding other Windows computers. But while I would love to say that security holes are not found on Linux, the sad truth is that they re a fact of life for users of every operating system. Many so-called rootkits are available, generated by members of underground cracking groups. These are specialized software toolkits that aim to exploit holes within the Linux operating system and its software. The bottom line is that while writing a virus or worm for Linux is much harder than doing the same thing on Windows, all Linux users should spend time defending their system and never assume that they re safe. Root and Ordinary Users As I ve mentioned in earlier chapters, Linux makes use of something called the root user account. This is sometimes referred to as the superuser account, and that gives you an idea of its purpose in life: the root user has unrestricted access to all aspects of the system. The root user can delete, modify, or view any file, as well as alter hardware settings.