Re: The magic security CD disc Re: HTTP proxies

["Steven M. Bellovin" <smb () research att com>]

In message <Pine.GSO.4.44.0212082230200.11579-100000 () clifden donelan com>, Sean
 Donelan writes:
> On Sun, 8 Dec 2002, Steven M. Bellovin wrote:
> > I forget which of the Rainbow Series of books said it -- the Yellow
> > Book, I think -- but one of them noted that the same LAN that was
> > insecure in an office might be quite secure in a submerged submarine
> > with a highly-cleared crew aboard.
>
> As far as I know, we don't have a big problem with zombie computers on
> submarines DOSing the Internet.

Well, no...
> It takes a lot of time to talk individual users through fixing their
> computers.  Especially when they didn't break it.  They just plugged
> the computer in, and didn't spend 4 hours "hardening" it.  Most of the
> time we're not talking about very complex server configurations, with
> full-time system administrators.  The "magic" CD would be for people who
> don't know they are sharing their computers with the Internet.  When
> they find out (or someone else reports it), they don't want to share
> their computers with everyone the Internet.  They just want it fixed.

Right.  The problem (and the point I was making) is that "secure" is 
context-dependent.  In some sense, the easy way to "secure" machines is 
to pull the network jack.  That's a serious DoS attack on yourself.  
Microsoft et al. could -- and should -- ship with all services off,
but of course those services exist because they provide some 
functionality that some people want.  Are those services safe?  Well, 
maybe -- it depends on your environment and your clue.  Ssh to a Cisco 
router is a reasonable thing to do, but not if the login password is 
trivial.

                --Steve Bellovin, http://www.research.att.com/~smb (me)
                http://www.wilyhacker.com ("Firewalls" book)