On Wed, 13 Jun 2012 11:08:25 -0700, JC Dill said:
> If both flavors were equally easy to exploit, according to your theory above we would see more exploits on the *nix servers. Yet server-side exploits are seen on Windows servers far more often than on *nix servers, despite the fact that more web pages are served by *nix servers than Windows servers.
I suspect the *real* issue is that for really large systems, it's not so much "exploits" as "one-off customized attacks". The chances of pwning Bank of America with an off-the-shelf attack are pretty low - but the chances of finding a blind SQL injection and leveraging it are a bit higher. And given all the 'XYZ got pwned' news stories, I suspect that in fact the *nix boxes *are* being attacked - just not with COTS attack tools.