North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: The Death of TCP/IP

  • From: Matthew S . Hallacy
  • Date: Mon Aug 06 08:30:52 2001

> False,  many popular exploits (such as those with BIND) are fixed/patched
> much faster.
> Now a really scarry worm would be one that exploits Apache.  I used *NIX and
> not Linux for a reason.  Many UNIX boxes are much better secured.  Joe
> Sixpack
> that installs his favourite distro of Linux is just as vulnerable as a
> windows users. I will give you
> the fact that there are still many unsecure/unpatched boxes in both worlds.
> It all comes
> down to the poor management of Internet connected devices.  I am really
> encouraged
> by the new option of auto installing updates in Windows XP. It is sad that
> such a well
> publicized worm/bug is spreading so far (it made the front page of the
> National Post here
> in Canada).
> >

I'd like to point out the many, many IRIX machines out there, along with AIX, Solaris,
and any other *cough* "real" *cough* OS, that still come with telnet on by default, 
(ready to be broken into), RPC services, ftpd, [insert-wonderful-exploitable-service-here].

It isn't specific to any operating system, Microsoft just makes it a lot easier to get
along, while being completely stupid, and hiding what's going on behind the scenes, as
a side note, RedHat 7.1 now comes default with sshd, a firewall, hardly anything on by 
default (even if it is, it's firewalled), along with the ability to sign onto their site
(free) and have it keep track of what updates you need to install (it emails you).

This results in a Point, Click, wait for download, wait for update to install, and
you're updated, debian has a similar capability (although not as good) which will
also keep your system up-to-date.

Please keep the unfounded OS bashing to a minimum.


> > >