Re: Re: January 15 is Personal Firewall Day, help the cause

["David F. Skoll" <dfs () roaringpenguin com>]

On Thu, 15 Jan 2004, Exibar wrote:

>    Sorry to disagree with you, but telling people to simply not use windows
> and not use Outlook is like telling people not to ride in a car for the fear
> of getting into an accident.

No, it's telling them not to drive a Pinto when they could drive something
safer.

>    So you're telling me that if I don't run Windows and I don't run Outlook
> that I'm 100% safe?  Horsesh*t!

You are very much safer.  Our mail server receives on the average day 70
viruses from cracked Windows machines, and none from cracked Linux machines.
We still receive several Nimda hits a day, and none from cracked Linux
machines.

>  If I install Linux and not Windows XP (for
> example) I'm safe?  There isn't anything else that I have to do?

A default install of a modern Linux distro includes firewalling rules
by default, and is fairly safe.

>    Why not EDUCATE the end-user on how to use Windows and Outlook safely?

Because it is impossible to use Windows safely; the very design of the
operating system is flawed.  This is not just my opinion; it's also that
of Bruce Schneier and many other people, some of whom lost their jobs
for speaking out.

> BTW:  Not running Anti-virus software is just plain stupid (I will not
> respond to any flames on this point, so don't bother).

Why?  We have no machines that are susceptible to the viruses that are
in the wild.  We do, of course, drop .exe, .com, etc attachments on
our mail server, but that's just to save disk space and stop annoying
messages from filling our mailboxes.

> Plain and simple.
> I'm very surprised that any company is able to run that way.

We have since 1999, and haven't had any problem.  If you don't use Windows,
you don't need anti-virus software.

Regards,

David.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html