From owner-freebsd-questions  Wed Nov  7 13:30:25 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from mtiwmhc22.worldnet.att.net (mtiwmhc22.worldnet.att.net [204.127.131.47])
	by hub.freebsd.org (Postfix) with ESMTP id D2CB137B416
	for <freebsd-questions@FreeBSD.ORG>; Wed,  7 Nov 2001 13:30:21 -0800 (PST)
Received: from columbia ([12.93.212.216]) by mtiwmhc22.worldnet.att.net
          (InterMail vM.4.01.03.27 201-229-121-127-20010626) with SMTP
          id <20011107213020.ZYVC4554.mtiwmhc22.worldnet.att.net@columbia>;
          Wed, 7 Nov 2001 21:30:20 +0000
From: "Andrew C. Hornback" <achornback@worldnet.att.net>
To: "Anthony Atkielski" <anthony@atkielski.com>, <deepak@ai.net>,
	"FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject: RE: Lockdown of FreeBSD machine directly on Net
Date: Wed, 7 Nov 2001 16:26:16 -0500
Message-ID: <00e101c167d2$d5846020$6600000a@columbia>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
In-Reply-To: <00d301c16794$595ea480$0a00000a@atkielski.com>
Importance: Normal
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony
> Atkielski
> Sent: Wednesday, November 07, 2001 8:59 AM
> To: deepak@ai.net; FreeBSD Questions
> Subject: Re: Lockdown of FreeBSD machine directly on Net
>
> Deepak writes:
>
> > For years telnetd was considered secure enough
> > to be open to the world, and then all of a sudden
> > it wasn't.
>
> The same is true of UNIX.

	I don't believe anyone has ever considered a base install of UNIX to be
secure.

> > No matter how secure you think your design is,
> > there is no ability to predict/detect new holes
> > that may appear in existing, stable applications.
>
> New holes never appear in existing, stable applications; they are
> either present
> from the start, or never present at all.

	So... given this assertion, you're saying that if I attempted to use Code
Red against an IIS 2.0 installation, it should succeed?  *wonders*

--- Andy


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message