Date: Wed, 7 Nov 2001 16:26:16 -0500 From: "Andrew C. Hornback" <achornback@worldnet.att.net> To: "Anthony Atkielski" <anthony@atkielski.com>, <deepak@ai.net>, "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG> Subject: RE: Lockdown of FreeBSD machine directly on Net Message-ID: <00e101c167d2$d5846020$6600000a@columbia> In-Reply-To: <00d301c16794$595ea480$0a00000a@atkielski.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony > Atkielski > Sent: Wednesday, November 07, 2001 8:59 AM > To: deepak@ai.net; FreeBSD Questions > Subject: Re: Lockdown of FreeBSD machine directly on Net > > Deepak writes: > > > For years telnetd was considered secure enough > > to be open to the world, and then all of a sudden > > it wasn't. > > The same is true of UNIX. I don't believe anyone has ever considered a base install of UNIX to be secure. > > No matter how secure you think your design is, > > there is no ability to predict/detect new holes > > that may appear in existing, stable applications. > > New holes never appear in existing, stable applications; they are > either present > from the start, or never present at all. So... given this assertion, you're saying that if I attempted to use Code Red against an IIS 2.0 installation, it should succeed? *wonders* --- Andy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00e101c167d2$d5846020$6600000a>