I am very interested in using NT as a firewall and rather than everyone
getting into debates about the "perfect firewall" and operating system
should there be a separate list for those who through desire or necessity
have to use NT as their firewall platform? Then there could be detailed
discussions of the practicalities of implementation. Anyone willing to
offer a mail list for this purpose or know of one that already exists?
Volunteers no doubt would like to contact Brent to know what they are
letting themselves in for.
I know that no doubt there are dangers of assuming an OS is good enough
and blindly ploughing in but I assume some firewall manufacturers are
willing to stake a reputation on producing products and being able to
evolve to counter new threats. No flames please.
lurk mode on
Mike Marriage
Systems Engineering Team Leader
City College Norwich ( England )
----------
From: Dave Sroelov
Sent: Tuesday, December 10, 1996 5:19 PM
To: Matthew Thompson
Cc: 'Todd Graham Lewis'; 'firewalls @
greatcircle .
com'
Subject: Re: Delete permissions on files
and the holy war between unix and the rest of the known universe rages
on...
Matthew Thompson wrote:
>
> Well golly gosh! Another gaping NT hole which does not exist in Unix!
>
> On your HP-UX system try:
> mkdir xx
> chmod 777 xx
> cd xx
> cp /dev/null yy
> chmod 0 yy
> rm yy
>
> Gee looks like my "no body has access" Unix file is gone, and I can
replace
> it with any other (But then hopefully everyone on this list knew that
> already).
>
> Now you know where the "Feature" in NT came from, for Posix compliance
and
> Unix compatibility, to emulate the Unix behavior demonstrated above. On
NT,
> Set the permissions for that directory to "Change", and the permissions
on
> the file to deny deletion than try to delete the file, No Go! Wow!.
> Suprising isn't it that granting "Full Control" to a directory actually
> gives you full control of it's contents, Just Like Unix!, How Strange!
>
> The exact behaviour is a bit obscure, in that the no delete bit is
ignored
> when full control is selected, and people who don't know what the're
doing
> may be seduced by the GUI into thinking they do.
>
> Not a religious argument for NT, Just Unix only guys, don't assume NT
works
> just like Unix, actually read the manuals and work with the system then
> spout an opinion based on reality not percieved reality.
>
> The stongest opinions on a given subject are generally held either by
those
> who know everything about it or those who know nothing about it.
>
> ---------------------------------------------------------------------
> Kiwitech Marine Solutions Ltd.
> RaceTech, SailTech, PowerTech, Marine Software & Hardware
>
> Web: http://www.kiwitech.co.nz, Email: mthomps1 @
kiwitech .
co .
nz
>
> Phone: +64-9-307-0819 Fax: +64-9-307-6685 Mobile: +64-21-998-600
> PO Box 5909, Wellesley Street, Auckland, New Zealand
Follow-Ups:
|
|
