Firewall Wizards mailing list archives
Re: Host Based Packet Filters (was: OT: The Morris worm to Nimda, how little we've learned or gained)
From: Crispin Cowan <crispin () wirex com>
Date: Mon, 07 Jan 2002 13:42:37 -0800
Bill_Royds () pch gc ca wrote:
We make that OS, and at a pretty decent price :-) Immunix is designed to enhance security without compromising on functionality, by applying a variety of tools (StackGuard, FormatGuard, RaceGuard) that limit the exploitability of the inevitable software vulnerabilities that come with lots of functionality.The problem with using OpenBSD as a desktop is not security but functionality. If I can't get the job done using the secure tools, then the secure tools won't be used. ... When all the functionality of software that makes enterprises work is available on a secure OS (and MS will never make that OS), then we can convert to that OS.
In the absence of sneaky widgets like StackGuard, then I agree: security inevitably ends up being a trade-off with functionality, and for most purposes, functionality wins.
Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Host Based Packet Filters (was: OT: The Morris worm to Nimda, how little we've learned or gained) Bill_Royds (Jan 07)
- Re: Host Based Packet Filters (was: OT: The Morris worm to Nimda, how little we've learned or gained) Crispin Cowan (Jan 08)