[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to block telnet access.




On 27 Sep 1999, Adam Morrison wrote:

> To give an example, you don't need to know a lot to run OpenBSD.  But
> the security people at OpenBSD do know what they're doing.  (Notethat 
> I'm NOT saying that OpenBSD is 100% secure.)

then in your own words, openBSD is insecure (i.e. anything less then 100%
is insecure)?

> > and please stop telling me that you can "inspect and secure" it - you can,
> > truly, but not to a 100% level.
> 
> Sorry, I disagree.  When something is properly designed and small
> enough, it is quite possible.  (Like I noted earlier, these days
> ``properly designed'' probably means little reliance on vendor
> libraries and other possibly insecure software.)

next thing you'l tell me that you can write a program that has 0 bugs...

and that you can 'inspect and secure' each and every line of source code
in a system that runs a few internet services? that is, each and every one
of the few 100K source lines (sorry - the kernel itself is over 1M lines
today, thought most are for drivers you do not use).

> Second, I'm trying very hard NOT to use terms like ``95% secure''.
> Partial security isn't.  In other words, I don't believe that 95% or
> 50% are ``not the same thing''.  They are.  Insecure.

but in a world where you cannot achive the 100%, still 95% is better then
50% (or you don't beleive in statistics of the chance of being attacked by
a cracker that happens to land exactly on the security holes that exist in
your specific system).

and remember - the system is secure if it was never broken to - not if it
is impossible to break into it (because this second option is never true).

> > that's why the sain rule is "first decide how important is the system and
> > its resources to you, and based on that decide how much effort to spend on
> > securing it".
> 
> That's the economical side of the equation, not the technical side.

not as i see it, since i know it is _never_ possible to achive a
completely secure (i.e. 100% secure) system.

> It's possible to architect a system to be secure against the certain
> threats we're talking about.  It may very well be that you can't
> afford to do so; that doesn't make it impossible.

the effort is asymptotic - you'll need to invest an infinite ammount of
effort in order to get very close to 100% secure, and even then you're not
100% secure.

but i tihnk this argument leads no where - you're the optimistic type of
a sys admin, and i am not, and none of us will convince the other..

guy


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il