[54016] in North American Network Operators' Group
Re: The magic security CD disc Re: HTTP proxies
daemon@ATHENA.MIT.EDU (David Howe)
Mon Dec 9 09:43:30 2002
From: "David Howe" <DaveHowe@gmx.co.uk>
To: "Email List: nanog" <nanog@nanog.org>
Date: Mon, 9 Dec 2002 14:37:09 -0000
Errors-To: owner-nanog-outgoing@merit.edu
at Monday, December 09, 2002 4:29 AM, Steven M. Bellovin
<smb@research.att.com> was seen to say:
> Right. The problem (and the point I was making) is that "secure" is
> context-dependent. In some sense, the easy way to "secure" machines
> is to pull the network jack. That's a serious DoS attack on yourself.
perhaps a portscanner, coupled to some sort of process scanner (loaded
with the common windows-based services, especially ones that come
bundled) and a simple checkbox list that lists all the services, what
they are (in relatively simple english) and allows the user to turn them
back on (defaulting to off) ?
Just sticking to windows would cover 95% of the potential users (if not
more) and make the disk much simpler to write.
