Re: Tiny or Zone Alarm?

From: Jules Dubois (usenet+julesd@erols.com.invalid-tld)
Date: 02/13/02 

From: Jules Dubois <usenet+julesd@erols.com.invalid-tld>
Date: Wed, 13 Feb 2002 10:01:49 -0500

On Wed, 13 Feb 2002 01:45:16 +0100, Wolfgang Kueter
<wolfgang@shconnect.de> wrote in message
<<a4ccv0$1ug$1@news.shlink.de>>:
> > And just how does one "confiigure his system properly"?
> Don't run any services.

Rather: Don't run any services you don't actually need.

> There is no need to 'stealth' a properly configured system and
> 'sthealting' ist by dropping packages is bad habits.

I have a slight problem with this wording. It's a bad habit to drop
(in English) "packets" to keep unwanted services from seeing them. I
agree completely that the service itself needs to be disabled.
However...

Stealth also means simply not rejecting incoming requests. While it's
a "violation" of the RFCs not to reject a request which you aren't
going to accept, it's a good idea to just drop the request instead.
That way, potential vandals don't get any response from such requests.

> Use bugfree sofwtare [...]

There's no such thing: any useful software has bugs.

Jules