Firewall Wizards mailing list archives
Re: Extreme Hacking
From: "James Burns" <jburns () ipivot com>
Date: Wed, 7 Jul 1999 10:42:39 -0700
People are talking about how to make a box immune to hacking. There seems to be the idea that if you crack as many aspects of the box as possible and then fix them that somehow you've made a secure box. This just isn't true. There will always be bugs either in the software or in the configuration which will allow people with enough time and determination to get access to the box. It seems that finding new ways to hack something is creating a problem so you can solve it. I'm not saying that general checks of whether you box does anything stupid are worthless. What I'm saying is that you can create as many problems as you like, fix all of them, and someone smarter or more skilled than you is still going to come along and break your software/configuration. Part of the problem is that most software is built on top of operating systems which have not been fully audited. If there was a "known secure" operating system or general code base and all you had to do was check your own code it would be a lot easier. Perhaps that will happen sometime. However, then the problem is as I indicated above. You can take a perfectly "secure" operating system and configure it so it isn't secure. (Partially because secure means different things in different contexts.) -James ------------------------------------------------------------------------- James Burns Software Engineer IPivot, Inc. -------------------------------------------------------------------------
Current thread:
- Re: Extreme Hacking, (continued)
- Re: Extreme Hacking Rafi Sadowsky (Jul 09)
- Re: Extreme Hacking Darren Reed (Jul 12)
- Re: Extreme Hacking Rafi Sadowsky (Jul 09)
- RE: Extreme Hacking sean . kelly (Jul 06)
- Re: Extreme Hacking Darren Reed (Jul 08)
- Re: Extreme Hacking Brad J Passwaters (Jul 12)
- Re: Extreme Hacking Darren Reed (Jul 12)
- Re: Extreme Hacking Brad J Passwaters (Jul 12)
- Re: Extreme Hacking Bennett Todd (Jul 13)
- Re: Extreme Hacking Darren Reed (Jul 08)
- Re: Extreme Hacking Tommy Ward (Jul 12)
- Re: Extreme Hacking dreamwvr (Jul 12)
- Re: Extreme Hacking James Burns (Jul 12)
- RE: Extreme Hacking George Jones (Jul 12)
- Message not available
- RE: Extreme Hacking Jody C. Patilla (Jul 12)
- RE: Extreme Hacking char sample (Jul 12)
- RE: Extreme Hacking mht (Jul 12)