nanog mailing list archives
Re: customers and web servers and level one naps
From: Curtis Villamizar <curtis () ans net>
Date: Thu, 12 Sep 1996 22:13:50 -0400
In message <Pine.SV4.3.91.960910141342.17625U-100000 () mercury int sprintlink net
, Srinivasarao Mulugu writes: I know we do, Michael. And I have "their" answer. But they may not have the same experiences you did. I know they did not have the same experiences as some folks running PAIX. So if u have the time and inclination to speak , I do have the interest, to listen to you. ;) -Mulugu
It is possible though admitedly not easy to secure a Unix machine quite tightly (and still put some services on it allowing it to do some useful work) since the services needed for remote administrative access can be fully encrypted. It is not possible to secure a router from the major router vendors at the present time since administrative access involves telnet access where the open TCP session has full priviledges and remains "in the clear" for long periods of time and ready for hijack. A poor administered Unix system has more holes in it than swiss cheese since thats how many workstation products are shipped. BSD systems today are fairly good as shipped but need kerberos or other encrypted access if they are to be administered remotely. There is no recognized source of Unix security merit badges so its hard to specify that Unix systems can only be allowed directly on a specific media if they are securely administered. It is generally easier to turn a Unix box into a sniffer and launch sophisticated attacks from it should it get broken into. Does that approximately match the great wisdom of Sprint? ;-) Curtis ps- how did we get (back) on this topic anyway. - - - - - - - - - - - - - - - - -
Current thread:
- Re: customers and web servers and level one naps, (continued)
- Re: customers and web servers and level one naps Avi Freedman (Sep 05)
- major? bmanning (Sep 05)
- Re: customers and web servers and level one naps Stephen Stuart (Sep 05)
- Re: customers and web servers and level one naps Michael Dillon (Sep 05)
- Re: customers and web servers and level one naps Srinivasarao Mulugu (Sep 10)
- Re: customers and web servers and level one naps Michael Dillon (Sep 10)
- Re: customers and web servers and level one naps Srinivasarao Mulugu (Sep 10)
- Re: customers and web servers and level one naps Michael Dillon (Sep 10)
- Re: customers and web servers and level one naps Steve Schnell, Sprint Corporation (Sep 11)
- Re: customers and web servers and level one naps Jim J. Steinhard (Sep 12)
- Re: customers and web servers and level one naps Curtis Villamizar (Sep 12)
- Re: customers and web servers and level one naps Alexis Rosen (Sep 13)
- Re: customers and web servers and level one naps Stephen Stuart (Sep 05)
- Re: customers and web servers and level one naps Paul A Vixie (Sep 05)
- Re: customers and web servers and level one naps Avi Freedman (Sep 05)
- Message not available
- Re: customers and web servers and level one naps Dean Gaudet (Sep 06)