Re: lighting---hacked!

From: Alan W. Frame (alan.frame@acm.org)
Date: 05/08/02


From: alan.frame@acm.org (Alan W. Frame)
Date: Wed, 8 May 2002 22:52:29 +0100

drumstik <root@127.0.0.1> wrote:

> On Wed, 08 May 2002 14:43:02 -0400, Clayton D. Strand wrote:
[]
> > We've had Linux up for quite a while, and things just keep getting
> > worse and worse. We're seriously thinking about putting our mailserver
> > and webserver on Windows 2000 due to the increasing difficutly securing
> > the Linux system (it takes days to do it, where NT takes minutes), and
> > the unbelievable problems encountered whenever a new installation of the
> > software is required, as in this case.
>
> Please don't blame Linux for your own administrative inadequacies. It
> really isn't fair.

ITYM: "Please don't blame your kernel for your own administrative
inadequacies in administering userspace tools that may have security
flaws on all platforms. It really isn't fair."

'course IMO the single strongest advantage of a Linux kernel is
netfilter/iptables - it doesn't take days to knock up an iptables script
that only allows access in/out to port 25 and in to port 80[0].

rgds, Alan
[0] assuming you /had/ to run mail & news on the same box - /anything/
else publically accessable is an unreasonable risk.

-- 
99 Ducati 748BP, 95 Ducati 600SS, 81 Guzzi Monza, 74 MV Agusta 350
"Ride to Work, Work to Ride" SI# 7.067 DoD#1930 PGP Key 0xBDED56C5