http://www.sans.org/newlook/alerts/NTE-bank.htm
I now check every site before purchasing from them. Anyone running MS software loses my business. I already had to change my bank card thanks to egghead (who I will never use again..).
Easy way to check is through Netcraft :-).
Anyone know how to set up a secure webserver on SuSE?
Matt
Matt,

It does seem that the way SUSE handles security patches by making them readily available should help prevent these kinds of exploits. The typical MS box is configured from the original distribution CD which is often a few years old, then service packs are installed, assuming the SA knows what service packs are, and how to apply them. With SuSE the CDs used for installation are usually less than 5 months old, and patches are made available for easy application almost never requiring a reboot of the system. If I understand correctly, these criminals (not hackers) simply read the security alerts and hunted down systems which were not patched.

Sometimes SuSE's patches have had adverse consequences on running systems, either due to changes which require manual intervention, or due to bugs. A more deterministic procedure for handling these patches would be nice. I'd like to see the following associated with each patch in a readily available location:

1) What the patch is for.
2) What the patch changes.
3) How to apply the patch - especially if it requires something fancy such as modifying a config file.
4) known problems with the patch.
6) What should be backed up before the patch is applied.
5) How to revert to the previous working configuration if something goes wrong.

A good example of where this would be useful is with some of the recent apache patches. I, and several others, had problems with the apache patches, and it wasn't ever clear to me what the correct action was to restore my system. Since I don't run a website, I was not overly concerned with simply blowing away the apache and starting over. I accept these problems with a bit of grumbling. If I were making money by providing some kind of online service I might be a little more upset if my system went down because of a patch. This is not to say MS doesn't leave one in similar or worse predicaments. I really don't care how we stack up against MS, I care how we compare to the ideal of a perfect system.

One thing I will say about Linux is that I feel much more secure using e-mail. Typically when I receive the latest VB virus I simply crack it open in XEmacs hexl-mode and try to figure out what it does. I don't remember which one it was, but one of them seemed to be doing a whole lot more than the media reported. It was opening network connections, traversing file systems, writing to the hard drive, modifying files. Really nasty stuff.

Steve