Firewalls: Re: Firewalls over NT vs. UNIX

Firewalls
(December 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Firewalls over NT vs. UNIX
From:	Kent Landfield <kent @ landfield . com>
Date:	Wed, 4 Dec 1996 09:54:18 -0600 (CST)
To:	sherod @ medeserv . com . au
Cc:	wrbeem @ gate . net, firewalls @ GreatCircle . COM
In-reply-to:	<32A4FF2F . 40D7 @ medeserv . com . au> from "Steven Herod" at Dec 4, 96 02:33:51 pm

# > More likely that most folks don't know about the security holes in NT yet.
# > UNIX holes receive a fair amount of attention, which often causes a furor
# > and a fix. Microsoft remains rather tight-lipped about holes in Windows NT.
# 
# I'd have to disagree with that, a hole in NT would cause just as large a
# furor
# as one in Solaris or Netware for that matter.  After all it's Microsofts
# flagship
# OS.  "The way of the future...".  I'd certainly yell loudly.

If you knew about it.  The point is that the Unix sources which formed the 
basis for most commercial versions are publicly available.  The community 
can, has, and is reviewing those sources looking for potential vunerabilities.
Armed with a base knowledge, some then attempt to exploit them on their 
favorite verions of Unix.  There is no basis for this type of "research" in 
NT and only after you stumble on a serious problem has any mention been 
forthcoming from Microsoft.

# To decide if NT4.0 is insecure:
# What holes are in it? What holes have been patched in past versions?
# What do you have to do to a base NT system to secure it as a firewall? 
# As an apps server? 
# As a file Server?
# 
# To decide is Unix (brand X) is insecure:
# What holes are in it? What holes have been patched in past versions?
# What do you have to do to a base Unix system to secure it as a firewall? 
# As an apps server? 
# As a file Server?

Please compare apples with apples.  Unix has been around many years and for
the most part, developed within an open community.  There will have been many
more problems in a 25 year old operating system versus a 5 (??) year old 
operating system.  Then there is the number of different Unix versions versus
the tightly controlled Microsoft source baseline. 

# I dare say if Unix wasn't around, and Microsoft launched one of the
# early implementations of Unix as SuperNT 1.0 the general consensus would
# have been to avoid it like the plague because of it's security
# problems.  

They did, remember Microsoft's Xenix.. ? ;-)

No, if Unix had not been around, the model for open OS development would 
not have occurred as it did.  The reality based attitude towards security
(security by obscurity versus security by evalutaion) would have been
different.  

-- 
Kent Landfield                        Phone: 1-817-545-2502             
The Landfield Group                   FAX:   1-817-545-7650             
Email: kent @
 landfield .
 com             http://www.landfield.com/
Please send comp.sources.misc related mail to kent @
 uunet .
 uu .
 net .

References:

Re: Firewalls over NT vs. UNIX
From: Steven Herod <sherod @ medeserv . com . au>

Indexed By Date	Previous:	Re: WarRoom ISS Survey -- Gembicki's Comments From: "F.S. Symington" <FSymington @ gnn . com>
Indexed By Date	Next:	Re: Ip Routing on a SUN From: Les Gondor <les @ trigraph . on . ca>
Indexed By Thread	Previous:	Re: Firewalls over NT vs. UNIX From: Steven Herod <sherod @ medeserv . com . au>
Indexed By Thread	Next:	Re: Firewalls over NT vs. UNIX From: peter @ baileynm . com (Peter da Silva)