Given that some mail from myself regarding testing TCP/IP was forwarded to
a list other than the original (best-of-security @
suburbia .
net), and that
this debate keeps coming up, I'll add a few more words.
Using any operating system which has its own TCP/IP stack (and NOT based
on BSD) is a can of worms. This comes from recent personal experience
(killed the office mail server `accidently' :) and I've been able to repeat
it.
You might get lucky, and you might not.
Definately, though, people aren't putting TCP/IP through the same testing
that BSD would seem to have been through, when they write it today, which
is a worry.
Btw, I haven't targetted non-Unix TCP/IP yet, but I don't expect them to
be any more robust if they're not BSD based.
darren
|
|
