Re: **Secure** Ftp server

phn_at_icke-reklam.ipsec.nu
Date: 07/27/04

  • Next message: Hairy One Kenobi: "Re: **Secure** Ftp server" 
    Date: Tue, 27 Jul 2004 21:27:57 +0000 (UTC)

    Leythos <void@nowhere.com> wrote:
    > In article <ce5iu3$2khc$1@nyheter.ipsec.se>, phn@icke-reklam.ipsec.nu
    > says...
    >> Mike <honey@michaelmoyse.co.uk> wrote:
    >> > phn@icke-reklam.ipsec.nu wrote:
    >>
    >> >> Leythos <void@nowhere.com> wrote:
    >> >>
    >> % stuff removed to focus on one question %%
    >>
    >> >> True. But i Can read, cert is one place to read about windows broken
    >> >> security, securityfocus another.
    >>
    >> > http://www.openbsd.org/security.html Is fun to read as well. Lets face
    >> > it, all operating systems have vulnerabilities and the biggest one is
    >> > the guy on the keyboard and his knowledge of security and the O/S he is
    >> > using. Then we are back on the TCO argument again.
    >>
    >> The refenrence to openbsd is interesting. There has not (to my knowledge)
    >> been a single break-in in an openbsd running default installation.
    >>
    >> There has been applications ( which you have to start first) that had
    >> holes, there has been a number of problems with local stuff ( where
    >> one must create a running process first in order to exploit).
    >>
    >> The application we are discussing, a simple ftp server would
    >> not be part of any of these problems. In fact one could use
    >> a 2.2 release ( 8 years old) and still be safe.
    >>
    >> Compare that to the track record of MS. Then compare the price
    >> difference, easiness of install and amount of work needed to
    >> keep the machine running.

    > Compare all of the above to a novice installing BSD and FTP and
    > configuring it on a new platform when he already has the MS licenses and
    > infrastructure - there is a cost, and it's significant. It would be more
    > secure and cheaper to just setup a open-source FTP product on a system
    > he already has, already has secured, and already understands.

    > Linux and it's variants is only one path, and it's not free by any
    > means, let alone for an installed Windows base. If you actually start
    > tracking the cost of a Linux server installation/maintenance to that of
    > a Windows 2000 server installation, doing the exact same things, they
    > are equal in time/effort and most big shops don't get the free version,
    > they get one that includes support agreements from one of the bigger nix
    > vendors, so cost is about the same.

    You should try it and answer from experience and not by quoting
    MS sales litterature. That's MS task, your ought to be to evaluate
    all possible ways of fulfilling a task. 

    -- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.
  • Next message: Hairy One Kenobi: "Re: **Secure** Ftp server"