On Sun, Jul 08, 2007 at 11:05:26AM -0700, Paul Johnson wrote: > Andrew Sackville-West wrote in Article > <[EMAIL PROTECTED]> posted to > gmane.linux.debian.user: > > > On Wed, Jun 13, 2007 at 11:08:39PM -0700, Mike McClain wrote: > >> I saw this on usenet and wonder about the validity of this statement. > >> > >> 'Seriously any system is as secure as the services you export, if you > >> have nothing listening that can do you harm you are secure...' > >> > >> Disregarding email exploits and exploits through your browser is this > >> true? Assume the hardware is inviolate. > >> Thoughts? > > > > a port with a listening service is like a locked door with a doorman > > inside waiting to open it for whoever knocks. If they know the > > codeword he'll open it for them. > > That's how port-knocking[1] works.
you dropped the [1], but I'll google it.
>
> > So the service (as the doorman) determines how serious the security risk
> > is at the port (door).
>
> Well, in theory, yes. The problem with this formula is that some services
> are promiscuous and don't care who they serve to (http, finger, gopher,
> etc).
indeed.
>
> > If there is no service listening at the port, then there is no way to open
> > that port.
>
> Outbound connections require ports, too!
yeah.
>
> > Of course, since you are running Debian, there are no windows for
> > things to climb through and open the door from the inside. ;)
^^
---------------------------------------------------------------^^
>
> Don't say things like that. What you just said there is like a Windows user
> saying, "Why should I stay patched and run antivirus software? It's not
> like I use this computer for anything serious..."
except that it was a joke, and i so indicated. And I haven't drunk the
kool-aid, or at least I've pissed it out by now, so i understand that
I am only learning, and that's the best i can hope for. And its not as
you describe it. What you describe is a completely irresponsible
computer user who should not be allowed to use a computer because of
the damage they are causing to others through their neglect. Whereas,
what I said was that, ignoring the joke aspect, by running an
inherently more secure system, the user is in a better position than
if they were running windows. Granted, it was probably a little
sophomoric, and in the right forum would be considered inflammatory,
but it was certainly not more than what it was, a joke amongst
generally like-minded folks.
A
signature.asc
Description: Digital signature
