[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to block telnet access.
In <Pine.SUN.3.96-heb-2.07.990926205339.18979A-100000@actcom.co.il>, guy keren <choo@actcom.co.il> writes:
> On 26 Sep 1999, Adam Morrison wrote:
>
> > The point being, again, that you probably can't rewrite you entire
> > system securely. But you can implement and verify a few select
> > services.
>
> you'll need to ba a super-programmer to be 100% sure that the code for the
> services you are running can NOT be exploited. unfortionatly, most sys
> admins are not super-programmers (or are not even programmers at all)...
I never said implementing strong security measures was trivial.
Luckily, such an effort doesn't have to be repeated. In fact, it's
probably a good idea to not duplicate it; the notion that you have to
be a security expert to be connected to the Internet is silly.
(Sadly, it's more-or-less true nowadays, but it SHOULDN'T be true.)
To give an example, you don't need to know a lot to run OpenBSD. But
the security people at OpenBSD do know what they're doing. (Note that
I'm NOT saying that OpenBSD is 100% secure.)
> and please stop telling me that you can "inspect and secure" it - you can,
> truly, but not to a 100% level.
Sorry, I disagree. When something is properly designed and small
enough, it is quite possible. (Like I noted earlier, these days
``properly designed'' probably means little reliance on vendor
libraries and other possibly insecure software.)
> > That works for the specific case of dealing with unlucky losers. The
> > moment your attacker is either skilled, or just plain lucky
> > (i.e. manages to use the latest exploit in the small window of time
> > before you patch your system) then you've lost. That's fine, but I
> > just wanted to pointed out that you can have something more reliable.
>
> i think that you and Or are saying the exact same thing, Adam. both of you
> claim it is not possible to make a system 100% secure, and both of you
> agree that each percent counts, and that 95% or 50% is not the same thing.
I don't think so. First, what I've been saying is that under a
certain threat model (which I established in a previous message), it
IS possible to make a system secure.
Second, I'm trying very hard NOT to use terms like ``95% secure''.
Partial security isn't. In other words, I don't believe that 95% or
50% are ``not the same thing''. They are. Insecure.
> that's why the sain rule is "first decide how important is the system and
> its resources to you, and based on that decide how much effort to spend on
> securing it".
That's the economical side of the equation, not the technical side.
It's possible to architect a system to be secure against the certain
threats we're talking about. It may very well be that you can't
afford to do so; that doesn't make it impossible.
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il