Date:      Mon, 30 Jul 2001 00:08:27 -0700
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "unknown source" <callihn@hotmail.com>, <freebsd-questions@FreeBSD.ORG>
Subject:   RE: Would it be so hard?
Message-ID:  <008b01c118c6$6e3bf960$1401a8c0@tedm.placo.com>
In-Reply-To: <F199LOcwFmUM11n3HRM000056a1@hotmail.com>

>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of unknown source
>Sent: Sunday, July 29, 2001 2:41 AM
>To: freebsd-questions@FreeBSD.ORG
>Subject: RE: Would it be so hard?
>
>>
>Well you have some good points here Ted I am not as unreasonable as you seem
>to take me

I don't take you as unreasonable - just new to FreeBSD.

> Anyway not that it will
>sink in but FreeBSD is said to be a stable and good for servers will run for
>years without maintenance so the box says but it seems something has to be
>patched every week so how is that so? So being a fairly reasonable customer
><--"point" how can I find some sort of middle ground here.

Keep in mind that it's not the FreeBSD core team that's creating the crack
scripts that have to be patched against, it's the crackers.

You can build the strongest and most secure car you want - but if you park it
for any length of time in the bad section of town one day you're going to come
back and find the windows smashed in.  Is that the fault of the car?

If you think that other OS's are any better in this regard then look at just
what happened with Code Red and Windows NT/2000.  At least finally Microsoft
has learned some brains at last and isn't running around anymore claiming
Windows NT is invulnerable to cracking.  Can you point to any commercial OS
vendor today that is making such claims?  The only ones I know who are foolish
enough to be still doing this are the OpenBSD people.

>Although I may
>seem unreasonable to some users
>I wonder how many paying customers not on the FreeBSD team think that this
>is all so unreasonable and that some effort should not be made to bridge the
>security gap.

I think that most people are hoping that the crackers that are causing the
trouble would just go away and stop bothering us.  I mean, issuing crack
scripts against FreeBSD is one of the dumber things you can do because just
about everyone that runs it is very technical, and the second that a crack is
released everybody patches against it.  By contrast a Windows crack can be
useful for years considering the level of technical savvy of most Windows
users.

>Or are you telling me I should read The FreeBSD Corporate
>Networker's Guide?
>

What I say in the Networker's Guide is that the administrator must keep current
with all patches and security advisories, especially if the organization is
connected to the Internet.  This is nothing new and is nothing different from
what everyone would tell you here.  I also say to regularly run cracking tools
such as SAINT against your own network.  Once again this is just common sense.
In fact, most of good security merely involves common sense, and the
willingness to spend a little time keeping current on the advisories.  This is
part and parcel of the responsibilities of being a system administrator, and
if you want to be responsible for any computer operating system on any
computer connected to the Internet, then you have to accept this
responsibility.  The people on this list here are happy to help you with
this but they won't have any patience with you if you aren't willing to accept
it.  Plenty of people don't want to accept this and they are happy to have
their local IS or IT person handle that responsibility for them, and that's
perfectly fine too.


Ted Mittelstaedt                                       tedm@toybox.placo.com
Author of:                           The FreeBSD Corporate Networker's Guide
Book website:                          http://www.freebsd-corp-net-guide.com

