My linux servers are do *not* have tools on them

Leon brooks writes:
 
<lots snipped>
 
> Would you care to republish that article, noting that the attacks are
> on a statistically one-for-one basis despite the fact that the Linux
> servers are a more attractive target, often being loaded gunwhale-down
> with useful tools as they are?
 
My servers have not been breached to my knowledge and I can inform Leon
Brooks that they do not have tools on them. I specifically set up
servers with as minimal a system as possible---modulo what RH insists on
and my ability to trim that (e.g. using by building my own sendmail RPM
with drastically reduced dependencies).
 
Once I have done that software gets on the machine only by having a good
reason to do so. Openssh pretty qualifies automatically but nothing else
does---you only get apache if you can demonstrate a convincing case for
a webserver, for example. None the boxes have portmap (and thus no NFS
or other RPC based services), compilers, lp*, r*, telnet, gs, *TeX or
anything X11 related. Many have default deny IP tables rules in and out.
 
What amazes me is now well windows servers do, given then M$ insists
they have boatloads of software useless for web service and a dire
security record. Can script kiddies only cope with unix boxen? Are
people mad enough to assume that linux servers should not be protected
by firewalls?
 
I guess anyone who *does* configure a web server loaded with all sorts
of useful tools, and not behind a firewall, is probably not very
cluefull and probably unlikely to apply security updates. Thus their
boxen are probably wide open to all the exploits published within the
last year. There are no doubt enough script kiddies to ensure all these
insecure boxen are owned.