Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Thu, 29 Mar 2001 11:52:23 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Thu, 29 Mar 2001 11:52:14 -0500 Received: from mx2out.umbc.edu ([130.85.253.52]:9143 "EHLO mx2out.umbc.edu") by vger.kernel.org with ESMTP id ; Thu, 29 Mar 2001 11:52:08 -0500 Date: Thu, 29 Mar 2001 11:51:26 -0500 From: John Jasen X-X-Sender: To: "Richard B. Johnson" cc: Subject: Re: Linux connectivity trashed. In-Reply-To: <000701c0b854$f2cf4f10$1428b2cc@DJLAPTOP> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 29 Mar 2001, Richard B. Johnson wrote: >snipped< First mistake: your security administrator relied on the firewall for protection. It is an _aid_ to security; not the 'be all and end all'. IOW, the hosts weren't hardened to resist penetration in case the firewall didn't cover it. Second mistake: your security administrator didn't make known the changes taking place, so that clueful users could have taken some preventative steps on their UNIX boxes. Third mistake: your security administrator either didn't know about; didn't care about; or didn't act on security problems for linux and solaris -- which have been posted, discussed, and addressed on many general or OS-specific security lists. Fourth mistake: your security administrator, rather than address the problems, is sticking his head in the sand and mumbling 'Windows' -- which, as an OS, is a christmas tree where every bauble says 'please hack me!'. In short, your security administrator needs to be dragged out, shot, and left hanging by the front door as a warning to his replacement. Or, at least fired. -- -- John E. Jasen (jjasen1@umbc.edu) -- In theory, theory and practise are the same. In practise, they aren't. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/