SECURITY:
The Internet has become more dangerous over the last few years. The amount of traffic is increasing and more important transactions are taking place. With this the risk from people trying to damage, intercept or alter secure data grows. So it is good that the systems are robust against the storms of the Internet and have many sophisticated security measures.
This is a primary reason why Linux systems are so popular as Internet workhorses. However, if the Linux security tools are not used in an appropriate way then they can be a liability. Problems can be caused by badly setup security measures. Linux has always been designed as a multi-user system. Windows 2000, on the other hand - its root being buried in the development of NT, was more of a patch to an existing legacy graphical shell running on DOS.
Windows 2000 is not Linux, of course. One of the largest differences is in the security model - the security of NT pervades the entire operating system, not just that of the file system. Because of this, the implementation of controlling permissions and access means that the registry has to be able to encompass all possible settings for all data, applications, and resources found on the system. The biggest advantage of Linux over windows 2000 is historical. Windows grew out of a single-user context, and most developers build applications for windows with that philosophy. In windows, users are not as isolated from one another as they are in Linux. In Linux, each user gets his own separate user directory and can run processes (programs) as one another. While many of these things are possible in windows 2000, most commercial applications do not exploit this capability, nor do most windows-educated systems administrators take advantage of these features. This is one of the reasons why so many NT/2000/windows 9x machines are vulnerable to problems such as email attacks. For example, many think that the way to avoid being infected by a virus is to make it impossible for their email program to run an attached application.
While this works, it is easy to be safe in Linux without having to give up this capability. First of all, Linux can protect all system programs from being touched by any user except root. That way, if a user runs a virus from his email program, it is impossible for that virus to infect anything but programs in his own home directory. Since root does not run any of those programs, the user may experience difficulties, but the system is safe.
Better still, the system administrator can simply create a user account specifically for running email attachments and then isolate the account (put in ‘jail’). Then the system administrators set up the email programs so that all users automatically run their mail attachments as this ‘jailed’ user .now it is possible to run any attachment desired and it is impossible for any Trojan or virus to do harm the system or to the user’s own directory.
Windows Scripting Host is not only horribly prone to insecurities, but also limiting in what can be done - the problem caused by relying on graphical tools rather than command line interfaces to maintain systems. It makes it very difficult to run centralized servers without these two basic control methods in place.
Web and FTP hosting:
These require separate user accounts and areas for each distinct user. In these instances, shell accounts are also useful to provide non-standard user-administered services such as cgi scripts, mailing lists, and the like. Attempting to achieve this securely within a Windows environment where applications frequently run with administrator privileges are difficult to say the least.
But Windows 2000 has also appreciable security systems. When dealing with the level of security obtainable with the systems it is necessary to distinguish between the security level realized by each of the standard installations and the level that can be achieved with an operating system in principle. In this respect, Windows 2000 standard installations are said to be more secure than Linux standard installations, the latter requiring further protection work by the administrator. The standard installation of a Windows 2000 network already contains an implementation of the Kerberos protocol for simple user authentication and access control in the network. Linux also provides this functionality as open-source software, albeit with additional installation effort.
In the event of the theft of a mobile client encrypting the file system since the perpetrator gains unlimited access to the hardware can only protect important information. The NTFS 5.0 Windows 2000 file system, contains the Encrypted File System (EFS) installed as standard solution, which can be activated for any number of folders and all files. Encrypted file systems are available under Linux as an upgrade solution with additional installation effort.
In large-scale organizations, the introduction of Public Key Infrastructures (PKI) often involves considerable expenses. Windows 2000 provides a simple PKI, which goes beyond the use of passwords and has smart card-based authentication mechanisms for use in the network. For Linux PKI functionality is only partly available at present.
The results of the investigations showed that Windows 2000 was better suited for corporate use as a network operating system than Linux.
Hence, when security is considered, Linux has the upper hand but it is the application that decides which operating system will suit the most.
TESTS:
Given below are the results of some of the primary tests conducted in order to compare the two operating systems:
Operation
|
Linux
|
Windows 2000
|
Result
|
Copying a file
|
Issue the copy command with both source and destination file name.
|
Bring source and destination windows in the screen and drag’n drop.
|
Linux is faster as the existence source and destination need not be seen before copying
|
Getting help
|
Issue the help command along with the command for which help is needed.
|
Just F1 is enough for application specific helps. There’s no command specific helps in windows.
|
Windows 2000 is faster. But Linux has a much better command-specific help.
|
Activation of editor
|
Type the editor program’s command name
|
Just select the icon
|
Windows 2000 is better.
|
Printing a file
|
Issue the print command with the filename.
|
Open the file and select the print from the menu
|
Though both are same in performance printing options such as selecting the number of pages and all are better in windows 2000.
|
|