On Mon, 16 Sep 1996, Michael Baumann wrote:
> On Mon, 16 Sep 1996, Todd Truitt wrote:
> > >
> > > > Politely, and IMHO, it's *very* dangerous to use any OS on your firewall
> > > > which is freeware or which has its source easily available.
> > >
> > > Out of the same politeness I ask why you feel this way? Does source code
> > > make an OS more vulnerable? Does that mean an OS with source is developed
> > > more insecurely than an OS without src? Take BSDI and Solaris.
> > > Which of the 2 is more insecure or which is more secure?
> > > Neither comes standard with src. To me this is truly baffling.
> > >
> > The argument moves along the same lines as using sendmail vs. upas.
> > upas may not be more secure, but fewer people are as familiar with
> > any bugs, so the chance of a successful attack is already lower.
> Ahh, yes, the infamous 'security through obscurity' argument...
> Personally, I would rather be able to tell what is running where
> via source, than assume someone else did the job right.
> And as an additional bonus.. if an exploitation script gets written
> for a freeware OS, there is generally a very fast response from its
> support community -- I wish we could say the same of the commercial
> vendors :/
I agree. Know thy enemy. How can you defend yourself if you don't know how
your OS works? That's just dumb. Least of which if you don't have src you
can't fix anything. You're at someone else's mercy to solve your security
problems. If that's your cup of tea fine, but it's not mine.
===================================| Webspan Inc., ISP Division.
FreeBSD 2.1.5 is available now! | Phone: 908-367-8030 ext. 126
-----------------------------------| 500 West Kennedy Blvd., Lakewood, NJ-08701
Turning PCs into Workstations | E-Mail: scanner @
http://www.freebsd.org | SysAdmin / Network Engineer / Security
===================================| Member BSDNET team! http://www.bsdnet.org