[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to block telnet access.
On Wed, 29 Sep 1999, guy keren wrote:
> next thing you'l tell me that you can write a program that has 0 bugs...
No. But a program that is designed properly and only does one thing has
less chances of having bugs than bloated pieces of crap.
> and that you can 'inspect and secure' each and every line of source code
> in a system that runs a few internet services? that is, each and every one
> of the few 100K source lines (sorry - the kernel itself is over 1M lines
> today, thought most are for drivers you do not use).
Nobody says you have to inspect ALL the source code yourself. It's just
easier to keep track of _one_ application than 30. And if you trust the
designer you can inspect the code a little less rigorously.
> and remember - the system is secure if it was never broken to - not if it
> is impossible to break into it (because this second option is never true).
Break into my home machine. All I have now running is sshd (Which is
vulnerable, I know, but at least enough people use it to clear it out of
the bugs, and I can keep track.) , and I'm about to suspend it too. I
don't need stuff, I disable it. When I need it, I make sure it does what I
it do (Again, ssh is a bad example :) ).
Nir.
--
Nir Soffer AKA ScorpioS. scorpios @ cs.huji.ac.il
http://www.cs.huji.ac.il/~scorpios/
'It's time to kick ass and chew bubble gum. I'm all out of gum.'
Mail me with the subject 'get pgp key' to get my PGP Public key.
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il