In message <9502240144 .
com> mikenel @
> Windows NT can't be stripped or customized like UNIX boxes can. NT has too
> much overhead for things that really don't matter on a firewall (namely a
> graphical interface).
NT can be stripped down very well since all the software packages are
nicely bundled and have an "uninstall" feature.
As far as the GUI goes, I would not be suprised if that could be thrown
away too - the GUI is not a fundemental part of the operating system,
merely a client for its services. The Windows-like GUI was added very
late in the game. (Guess who's just finished reading Showstopper ;-)
ISTR the handoff point in the registry for the bringing up of
"Windows" and the login screen.
Of course, there are things I'd worry about. Like being able to get
at the registry of one machine from another.
My impressions of the TCP/IP stack are that it performs very well and
correctly - however I don't have the TechNet CDs to hand to see if
you can turn off source routing. TechNet (and probably the WWW site,
and the Custer book come to that, should have expositions on security
Would be is possible or desirable to implement packet filtering at
the device driver level on NT? Perhaps do a special, hacked PPP driver?
Sorry to ramble on, but this NT thing is going to haunt us and we're
going to have to deal with it - I see it kicking Unix every day in my
marketplace (dealing rooms). Sort of like the old SNL "it's a floor polish"
"no, its a dessert topping" sketch. NT is both a "proper" operating
system (as far as I'm concerned it's leapfrogged many Unixes and
against some, it's downright compact!), and it gives you all the
pokey things users love, like Excel, VB, screen savers. It's a floor
polish and a dessert topping.
If anyone wants to take the NT discussions elsewhere, I'm happy to do
so - even to the point of setting up a list.
Fusion Systems, London