I couldn't help but comment on this (quickly, because these discussions tend to turn into a point- and endless ping-pong match).
It can actually drive me mad to see how many Linux users entirely trust in their assumption that they're more secure by default simply because they don't run a Windows system. Sure, the average Linux user might be more tech savvy and common with the internals of his/her system than your typical Win32 home user. However, there are *plenty* incredibly vulnerable Linux boxes exposed to the Internet and I know for a fact that quite a few people simply download and install binary packages from any given source without a second thought. Even more ironically, a lot of people just compile and install anything with the usual ./configure / make /make install stupor. ELF infectors do exist, and just because it's not quite so common, doesn't mean it doesn't happen. Also - wild theory - I'd say that people are less likely to notice a malware infected Linux box than a Win32 one, simply because of blind trust. I also disagree on the note that a single system exposed to the Internet doesn't form any type of threat at all. You can always beautifully serve as a hop or become a friendly member of a botnet or whatever. I'm not saying Linux sucks security-wise, I'm not saying Win32 sucks security-wise. It's what you do with it, how you handle it, and how much you assume. Cheers, J. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html