>As a short response I just can tell you: it is almost impossible to keep NT >secure. Not true. How secure your NT server is depends primarly upon the system manager's experience and know-how, and how they've used that to configure the OS - as it is with all OS's. >If you have installed all possible patches, NT kills itself. Also not true. I've got an NT server on our LAN that's got SP3 and all hotfixes up to SP4 installed on it. It's running almost everything but MS Kitchen Sink, and has proven to be more stable than our VAX/VMS systems over the past six months. Another server has NT4/SP4 and the few post-SP4 hotfixes. Also no problems. If you've having BSOD problems on your NT servers, (1) check to see if all the hardware used on the server is listed in the NT hardware compatibility list, and (2) look at any third-party apps that you have installed on the servers. >You have no chance to customize your system to the functionality needed. Incorrect. Quite a bit of customization is possible. Again, it depends on your experience with the OS. >Logging on NT is very difficult. It is not easy to centralize logging and to >observe the logfiles automatically (At least I did not find out how, and the >MCSEs in that company neither). Explain what you mean by "centralized logging"? Do you mean server-centralized, or network-centralized? Als, what do you mean by "observe the logfiles automatically"? >Another point which is quite important: Performance. On NT you need always >twice as much RAM and the clock speed must always be higher to get the same >results than on UNIX. You can test that very easily if you install NT and >FreeBSD or Linux on the same system. The UNIX variant will always perform >better. Possibly, but I'd say that in this age of cheap 400 MHz processors and RAM, that performance is less of issue than usability. An example - if I strip all the seats and upholstery out of my car, sure it would go faster, but it would be less usable. The latter is more of a concern for me, because my car at present goes fast enough to meet my requirements. >In the mentionned company I got the chance from the management to do a simple >test. With a small program downloaded from the Internet I could kill more >than 2000(!) systems in a single strike. This action took me less than five >minutes. Every system had to be rebooted after that action. But a major part >of that company was blocked for about ten minutes. Servers had to be >restarted. None of the responsible persons found the reason for the big bang. Are you suggesting that they've been no doS attacks aimed at UNIX, and this makes it more secure? Also, no interest in flame-wars, just speaking from my experience with NT. Brian Steele - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]