I am, admittedly, not extremely knowledgeable in matters firewallian, however, this thread returns me to my farming days on the collective.
1. Am I correctly understanding that a firewall is designed to stand between a "protected" region and a "suspect" region?"
2. Am I correctly understanding that said firewall should/does/(is designed to) "stand alone?"
3. Did I miss some important piece of data which caused you professionals to begin slinging that farm product, (fertilizer, organic, bovine, male), at each other with regard to the vulnerabilities of the "protected" region, being the dominant determinant as to whether the firewall can hold back the "fire?"
Please enlighten me as to why the firewall should care if it is protecting unix, nt, cpm, or the farmer's underware.
Thank you,
"Happy Hanukah to all, and to all eight good nights!!!!"
Rabbi
----------
From: Steven Herod[SMTP:sherod @
medeserv .
com .
au]
Sent: Tuesday, December 03, 1996 11:33 PM
To: William Beem
Cc: firewalls @
greatcircle .
com
Subject: Re: Firewalls over NT vs. UNIX
William Beem wrote:
>
> More likely that most folks don't know about the security holes in NT yet.
> UNIX holes receive a fair amount of attention, which often causes a furor
> and a fix. Microsoft remains rather tight-lipped about holes in Windows NT.
I'd have to disagree with that, a hole in NT would cause just as large a
furor
as one in Solaris or Netware for that matter. After all it's Microsofts
flagship
OS. "The way of the future...". I'd certainly yell loudly.
> I rather prefer the UNIX approach of knowing what's wrong with it, so
> I can make a reasonably intelligent assessment regarding the security
> of my servers. Microsoft seems unwilling to tell me what's wrong with
> NT. Maybe that's why I have more UNIX boxes at work than NT servers.
Perhaps we need to ask some questions....
To decide if NT4.0 is insecure:
What holes are in it? What holes have been patched in past versions?
What do you have to do to a base NT system to secure it as a firewall?
As an apps server?
As a file Server?
To decide is Unix (brand X) is insecure:
What holes are in it? What holes have been patched in past versions?
What do you have to do to a base Unix system to secure it as a firewall?
As an apps server?
As a file Server?
I dare say if Unix wasn't around, and Microsoft launched one of the
early implementations of Unix as SuperNT 1.0 the general consensus would
have been to avoid it like the plague because of it's security
problems.
Please correct me if I'm wrong (politely if possible) - I don't intend
to cause offence on this prickly subject.
Follow-Ups:
|
|
