nanog mailing list archives
RE: The Death of TCP/IP
From: Roeland Meyer <rmeyer () mhsc com>
Date: Mon, 6 Aug 2001 01:04:37 -0700
From: Wojtek Zlobicki [mailto:wojtekz () idirect com] Sent: Sunday, August 05, 2001 7:26 PM From: "Roeland Meyer" <rmeyer () mhsc com> To: "'Wojtek Zlobicki'" <wojtekz () idirect com>; <nanog () merit edu>From: Wojtek Zlobicki [mailto:wojtekz () idirect com] Sent: Sunday, August 05, 2001 3:09 PM <RANT> Nothing other than anti-Microsoft propaganda. You cannot blame Microsoft for high market share.But you can blame them for making Vbasic available to everyemail messagethat wants to rape your system. Boy, what a brain-fart thatwas. It stillstinks. Repeat after me; nothing in an email message shouldbe executablewithout express and very deliberate operator intervention.Agreed, BUT .... as stated by Cringley himself, Microsoft tailors their software to the populus.
Aside from that fact that I think Cringley's still living in the haze-daze, I think that you've been sucking down that MS Kool-Aid too hard. What MSFT says and what MSFT does are two very different things. They're very good at stroking you so that you don't notice it when they cut your throat, until the cutting's done. Then it's too late. MSFT learned triple-level agendii from the best in the business ... IBM. If you don't read at least three levels of meaning into every MSFT press release then you're being very nieve. Every word in those things is manacured to perfection. You can bet that they are the absolute truth, that they are absolutely accurate, and absolutely incomplete. But, incomplete in such a way that you will not notice. It's the goals and agendii that are very well hidden.
Wow a software company listening to its users, what a travesty.
What's a travesty is that they don't have the user's primary best interest at heart at all. Users may benefit, and probably will, but MSFT will benefit even more. Options that do not include a MSFT benefit are not even considered.
The main reason that *Nix hosts are generally more resilient to these type of worms is that it is lesslikely for a noninformed administrator to administer a *Nix sever.False. A very large portion of the *nux machines are in this sadcondition. False, many popular exploits (such as those with BIND) are fixed/patched much faster.
Uh huh, wu-ftp ... anyone? It's been *years* already. How about PINE? Let us not forget qpopper. I *do* hope that you're not mounting your PDC's NTDS files on anything less than a hardware RAID1 array. If that file evaporates, you will have to re-install *every* DC in the house.
Now a really scarry worm would be one that exploits Apache.
why? What about the new Oracle 9i application server? I'm just looking at that now, I'm sure that there are some issues there. BTW, the first-ever worm was created in a *nix box and infested other *nix boxen, via uucp. In the same time-period, FidoNet was worm-proof.
I used *NIX and not Linux for a reason. Many UNIX boxes are much better
secured.
Joe Sixpack that installs his favourite distro of Linux is just as
vulnerable as a
windows users. I will give you the fact that there are still many unsecure/unpatched boxes in both worlds. It all comes down to the poor management of Internet connected devices.
I think that I made that point. It is even more true today. *nix boxen cost sufficiently much that you generally find them only in professionally-run shops. *nux boxen are found everywhere else. But, also in professionally run shops... right next to the *nix boxen. Latest pricing, of OpenUnix, is right at $1K. *nux is generally around fifty bucks. Guess which one Joe home-user will buy? Guess which one Joe Corp-user will buy? There's lots behind that, which I won't go into here. No, it isn't that clean a cut. This is basic marketing, folks.
I am really encouraged by the new option of auto installing updates in Windows XP.
That doesn't scare you? If someone figures out a way to tap into that update channel then they *own* your WinXP box. Especially since, there isn't a human in that loop. Like no one has ever stolen a MSFT cert before? One bogus update and put a fork in you .. you're done. You only *thought* that CodeRed spread fast. BTW, look at Caldera's Volution sometime.
Current thread:
- Re: The Death of TCP/IP, (continued)
- Re: The Death of TCP/IP Owen DeLong (Aug 06)
- RE: The Death of TCP/IP andrew2 (Aug 06)
- Re: The Death of TCP/IP smoot (Aug 06)
- Re: The Death of TCP/IP Owen DeLong (Aug 06)
- RE: The Death of TCP/IP Mike Batchelor (Aug 06)
- RE: The Death of TCP/IP Dan Hollis (Aug 06)
- RE: The Death of TCP/IP Roeland Meyer (Aug 05)
- Re: The Death of TCP/IP Wojtek Zlobicki (Aug 05)
- Re: The Death of TCP/IP Valdis . Kletnieks (Aug 05)
- Re: The Death of TCP/IP Matthew S . Hallacy (Aug 06)
- CodeRed: New Variant? Seth M. Kusiak (Aug 06)
- Re: The Death of TCP/IP Wojtek Zlobicki (Aug 05)
- RE: The Death of TCP/IP Roeland Meyer (Aug 06)
- Re: The Death of TCP/IP Michael (Aug 06)