It's true that explorer is only loaded when somebody is logged in.
However, the GUI and a bunch of other (some very unnecessary services for a
server)
are always running.

Now, you mentioned in your previous post that some Linux servers got hacked.
Now, a poorly configured server, be it Windows or Linux, will eventually get
hacked.  No software is perfect, and eventually a bug will be discovered on
some software on your server that can lead to a compromise of that service.


If you have configured the server properly, however, even though an attacker
will be able to get into the server, he will not be able to do much.  For
example, if you do a default install of ColdFusion, it will run as Local
System on Windows, an account which has full permissions to anything on the
server.  If ColdFusion happens to have some sort of bug  (or an attacker is
able to execute some cf code on your system, and you have CFEXECUTE enabled,
for example), the attacker will be able to read any file on your system, and
probably create admin accounts and eventually log into the system through
remote desktop, should you have that enabled, and do whatever he pleases.  

If you install ColdFusion on Linux, to my recollection it asks you what
account you want to run under, and so you are forced to create a Linux
account for it.  Unless you are stupid and put in root as the user
ColdFusion runs under, the only thing the attacker will be able to do once
he logs in is mess with whatever files the ColdFusion user has access to.

Now recently there was a bug found in a popular PHP message board program.
Those who ran Apache and therefore PHP as root were hacked and their
machines rooted.  Those who didn't might've gotten hacked, but did not lose
the whole machine, and were probably able to patch and restore from backup
if necessary.  

As far as whether a firewall is needed, you don't need an external firewall
with Linux.  It has a very robust firewall built in, either iptables or, on
older versions, ipchains.  You can do anything with those firewalls that you
can do with hardware firewalls (in fact, most hardware firewalls run some
version of Linux).

Linux is just inherently more secure, has a lot of tools for security as
well.  There are things you can do with Linux that you can only dream of
doing on Windows.  Some of those things have been made possible by porting
the Linux tools to Windows, but they are never the same.

The problem with Linux is that it is a lot more difficult to manage.  There
are no pretty GUIs to guide you, and a lot of stuff has to get done through
command line or configuration files.  However, most of the time, once you've
configured something, you don't have to worry about it, until you need to
make changes.  With Windows, things always tend to go wrong, although it's
gotten a lot better with Windows 2003.

Too bad MS SQL doesn't run on Linux.  I still haven't found anything that
comes close in ease of manageability.  Now with the coming out of MS SQL 2005
express, it's going to be hard to beat.  Especially with Oracle buying the
company that owns the InnoDB engine (that is one of the core engines that
powers MySQL).  

Perhaps I'll set up some servers on Linux running CF and one server running
MS SQL.  This way I can have the best of both worlds.  

Russ 

-----Original Message-----
From: Snake [mailto:[EMAIL PROTECTED] 
Sent: Thursday, November 24, 2005 3:29 PM
To: CF-Talk
Subject: RE: CF Hosting

The desktop is only loaded if the machine is logged in at the desktop or via
a terminal services session.
A screensaver cannot run if no-one is logged in.

Here is a very simple test for you.
Log out of your machine and log in again. The desktop is not instantly there,
it has to load everything again and thus takes a few seconds to come up.
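
Added example, not part of either message: a shell check for the point made above about services running as root versus a dedicated account. It reads lines in the format printed by `ps -eo user=,pid=,comm=` and flags a watched service only when every one of its processes runs as root, so a root master with unprivileged workers passes. The watch list and the sample process table are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed input: "user pid command"
# per line, the format printed by:  ps -eo user=,pid=,comm=
WATCH="apache2 httpd php-fpm java"   # hypothetical watch list; adjust per host

# Reads process lines on stdin and prints one verdict per watched service.
audit_service_users() {
    awk -v watch="$WATCH" '
        BEGIN { n = split(watch, w, " "); for (i = 1; i <= n; i++) want[w[i]] = 1 }
        # Count processes per watched command, and how many of them are root.
        ($3 in want) { total[$3]++; if ($1 == "root") asroot[$3]++ }
        END {
            for (s in total) {
                if (asroot[s] + 0 == total[s])
                    printf "FAIL %s: all %d process(es) run as root\n", s, total[s]
                else
                    printf "ok   %s: %d of %d process(es) run unprivileged\n", s, total[s] - asroot[s], total[s]
            }
        }' | sort
}

# Constructed sample: a web server whose workers drop privileges, and an
# application server JVM left running as root.
sample_ps() {
cat <<'EOF'
root 1 init
root 640 sshd
root 812 apache2
www-data 815 apache2
www-data 816 apache2
root 1203 java
EOF
}

sample_ps | audit_service_users
```

On a live host, replace `sample_ps` with `ps -eo user=,pid=,comm=`.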
 

