[aclug-L] Re: Denied connections
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
On Sunday 26 August 2001 18:40, you wrote:
> Greg House wrote:
> Maybe we should have SSH for a topic and how to use it one of the ACLUG
> meetings.
Could be interesting. Perhaps a wider topic of personal encryption would also
be good (did you guys do that one awhile back? PGP, etc?)
> My Micorosoft friends are always telling me how INSECURE
> Linux is and that Linux computers are so easy to hack into. (I wonder
> how they think they know that, have they tried?)
Sounds like the standard FUD to me. If Windows was so secure, why did Code
Red cause such a mess? [Yeah, I know, it was a RESOLVED problem before it was
exploited, so the answer is that M$ administrators don't know how to keep up
with the important security patches...even the M$ administrators at M$ owned
services like Hotmail, who got infected too...]
> I need more amunition to argue with them.
Go check out the Bugtraq list (securityfocus.org). You'll find thousands of
unresolved vulnerabilites with WinNT/2000, maybe a few hundred for Linux
(which distribution?), with 99% of them already having patches available for
free download.
Some people make the argument that an "out of the box" Linux system (RedHat?)
is less secure because it installs and starts a lot of services by default.
So if you don't go trim back the stuff you don't use, it's there. But that
can be pretty easily eliminated if you pick what packages you want installed.
If you don't want telnet running, hey, don't install the telnet-server
package (or don't start it). I guess the argument has some validity
> Right now, I just try to leave them alone.
Probably the best approach. Frankly, anyone who'd argue that Microsoft
produces anything even remotely secure is probably blind enough to the truth
that an intelligent argument on the topic would be difficult. If you really
want to learn about hacking, security, etc, there are lots of books out
there.
I'm sure someone more familiar with this stuff could recommend the best ones,
but I've looked over Hacking Linux Exposed and it seems pretty interesting.
The regular Hacking Exposed talks about a lot of M$ vulnerabilities. I looked
at Maximum Linux Security awhile back and it seemed pretty interesting too. I
don't claim to be an expert, my machine's probably more insecure then most,
but it's only connected for short periods of time over a slow modem
connection. It's a p.o.c. anyway (half broken, old hardware) so I don't know
why anyone would be interested in crackin it to start with.
Greg
-- This is the discussion@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
- [aclug-L] Next Generation of Windows: Windows RG, Clint Brubakken, 2001/08/23
- [aclug-L] Re: Next Generation of Windows: Windows RG, Ryan Hunt, 2001/08/23
- [aclug-L] Re: Next Generation of Windows: Windows RG, Clint Brubakken, 2001/08/23
- [aclug-L] Re: Next Generation of Windows: Windows RG, Zeke Lightwave, 2001/08/25
- [aclug-L] Denied connections, Bruce Bales, 2001/08/26
- [aclug-L] Re: Denied connections, james l, 2001/08/26
- [aclug-L] Re: Denied connections, Greg House, 2001/08/26
- [aclug-L] Re: Denied connections, Ironrose, 2001/08/26
- [aclug-L] Re: Denied connections,
Greg House <=
- [aclug-L] Re: Denied connections, Ironrose, 2001/08/26
- [aclug-L] Re: Denied connections, Greg House, 2001/08/27
- [aclug-L] Re: Denied connections, Ironrose, 2001/08/27
- [aclug-L] Re: Denied connections, John Alexander, 2001/08/26
- [aclug-L] Re: Denied connections, Ironrose, 2001/08/26
- [aclug-L] Re: Denied connections, John Alexander, 2001/08/26
- [aclug-L] Re: Denied connections, gLaNDix, 2001/08/27
- [aclug-L] Re: Denied connections, Chris Owen, 2001/08/27
- [aclug-L] Re: Denied connections, gLaNDix, 2001/08/27
- [aclug-L] Re: Denied connections, Ironrose, 2001/08/26
|
|
