On Sat, 25 Oct 1997, Billy Verreynne wrote:
> Billy said:
> > > But even Unix TCP/IP do not always respond as it should - what about
> >> SYN stealth scans?
>
> > Craig I. Hagan <hagan @
cih .
com> replied:
> > what about them? you are ignoring the disease by addressing the
> > symptoms. the fact is that you can't yet state with certainity
> > that MS's tcp code is safe/secure.
>
> Seems like this is going to degrade in another o/s flame war.. :-)
>
> NT TCP/IP is good enough as a server platform for a company doing a
> turnover of almost one billion dollar a year. They've been using NT for 4-5
> years now. Sure there's been problems but most of them were resolved. Safe
> and secure? Well, if you have proper security policies and software in
> place and properly trained staff then why not?
stealth scans are a bug in tcp/ip read the rfc on it, its a flaw in v4,
not in anyones implimentation. v6 will fix that. Any OS can be secure
(except for win95-98 which is hopeless) as long as the admin knows what
he/she is doing.
>
> > hundreds of users isn't high volume. more imporatantly, hundreds
> > of users with what expectation of response time? I would expect
> > sub-second (200ms) worst case response time for a production
> > DB engine with so low a load.
>
> Aw come on! Since when has the actual implementation of a protocol stack
> played a huge part in response times? Response times have more to do with
> the physical network (bridges, routers, etc), buggy network drivers,
> network service software and so on. And you expect sub-second response from
> an OLTP system running accros a WAN with 300+ users! - I really doubt that.
> A single bad SQL statement from a dumb user can trash db performance. Or
> some wise guy doing a FTP across the WAN overloading the band witdh!
>
> > I would argue that NT still has much more flak to go as fortune 1000
> > companies start trying to take it out of pilot and into production for
> > certain 'mission critical' applications.
>
> The flak NT has been receiving in many cases are IMHO just because some
> Unix lovers dislike Bill Gates (who doesn't?) and hate the idea of another
> operating system addressing the same server market. Agreed, NT is by far
> not mature as UNIX, but to simply disregard it as buggy and u/s contradicts
> _many_ companies that are using NT as the standard departmental server
> platform. And as I mentioned, NT is used to run mission critical systems
> and _has_ proved to be robust and stable enough.
>
Not as mature has nothing to do with it, i have an NT box right next to
this linux one and the NT one can do far less, and is much less stable.
Ive had this box up for months at a time with downtime only for kernel
upgrades. The NT box on the other hand has crashed weekly (word 97 seems
to not like NT one bit...).
> > I argue that the ideas behind NT -- that unix, although a good operating
> > system, is too complex for the average business due to the scarcity of
> > knowledgeable people -- is reasonable. however, to then say that NT is
> > good because it is the _only_ OS to fill that need (regardless of
> > shortcomings) is a little premature.
>
> Agreed. But AFAIK only Microsoft's marketing engine is spouting the crap
> that NT is the only o/s to fill the need. Personally, I rather be running
> database engines on Unix than on NT because of hardware scalebility, but
> that does not eliminate NT as good alternative.
>
Have you seen the books for NT? NT is as archane as unix just with out man
pages to help you. You get krappy "help" files that dont explain krap and
a registry that has no documentation with it. Call me a pragmatist but i
dont call that simple and easy to configure. Not to mention all NT
firewall software is comercial, so you have to shell out $$$ to get it and
companies have to pay us loads (i cant speak for other peoples
pricing...) to set them up, just to have it be unstable.
> > Currently, i don't consider it
> > reasonable to compare a young (few year old) os against unix which has
> > been around for a generation in terms of robustness, etc.
>
> Hehehe. Why not? Unix is not that high and mighty! :-) SVR4 has only
> recently been established as the standard - before that Unix seldom was
> Unix. And I still can not port some of my SVR4 code between different Unix
> implementations - so much for sourcecode portability. And be sure that with
> MPP, the Unix path will be split again when it comes to implementing DLM's
> and other MPP features.
>
SVR4 a standard? Lay off the narcotics.
> regards,
> Billy
>
.--------------------------------------------.
Murphy's Corollary:
It is impossible to make anything foolproof
because fools are so ingenious
Mark Guzman -=- Liquid Synergy Designs
seg @
lsd .
pbx .
org
`--------------------------------------------'
References:
|
|
