[67483] in Cypherpunks
Re: WINDOWS NT ????
daemon@ATHENA.MIT.EDU (Adamsc)
Sun Oct 6 23:44:45 1996
From: Adamsc@io-online.com (Adamsc)
To: "John Fricker" <jfricker@vertexgroup.com>, "snow" <snow@smoke.suba.com>
Cc: "cypherpunks@toad.com" <cypherpunks@toad.com>,
"snajdr@pvt.net" <snajdr@pvt.net>
Date: Sun, 06 Oct 96 20:31:31 -0700
Reply-To: "Chris Adams" <adamsc@io-online.com>
On Sun, 6 Oct 1996 01:28:16 -0500 (CDT), snow wrote:
>> An NT machine running off the shelf protocols and services is certainly mor=
>> e secure than your average linux install. Of course clueless administrators=
>> for either (any) platform can leave the door wide open easily enough.=20
> How about an "average" NT install versus a "average" linux install?
Or, better yet, the typical "rent-a-loser" admin install. You know, the one
who installs everything in the root directory? (I've seen this happen; don't
laugh)
> Neither of my machines are all that secure, but they don't have to
>be right now. Neither has more than 5 users, all of whom I either trust
>personally, or don't know enough to do anything. On the other hand, I
>would be willing to bet that Mr. Metzger, or adamsc (sorry, I forgot your
>full name) could lock a linux box down as tight as a networked NT machine.
With enough time and net access, just about anyone could - if they thought it
was important. Unfortunately, many people just don't realize how open their
system is...
> Hell, I'd bet 20 bucks I could. The machine wouldn't DO a whole lot,
>but it would be tough to break into. (basically, don't run telnetd, ftpd,
>sendmail, run sshd for incoming/outgoing connections, use a secure httpd
>IF NECESSARY, NO NFS, shadow passwords etc.)
++agree.
>> But what do you mean by secure?
> Safe from undesired intrusion.
Now, the much harder one is: safe from undesired usage by authorized users.
As in that guy from the Dept of Health who was handing out the AIDS info...
# Chris Adams <adamsc@io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
# <cadams@acucobol.com> | send mail with subject "send PGPKEY"
"That's our advantage at Microsoft; we set the standards and we can change them."
--- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)
