Ok - you asked me to comment on your definitive list and I have:


From: Paul D. Robertson <[EMAIL PROTECTED]>


> On Sat, 29 May 1999, Chris Michael wrote:
>
> > At 10:09 AM 5/28/99 , Larry Claman wrote:
> > > I won't comment on this, other than
> > >to say that many (most) security experts still distrust NT.
> >
> > And why is that, exactly?  Is this distrust based on an analysis of
> > how the
>
> Some major reasons and a bunch of minor ones.  I'll enumerate some of
> the major ones in no particular order.
>
> First:  Track record.  NT has had all the failings it was predicted to
> have and then a few.  A lot of those are being, or have been fixed, but
> the history is still there.  The general consensus about the level of
> programming competence in the Redmond vicinity doesn't seem to be as
> high as it is elsewhere - lots of bugs have been fixed multiple times.
> Track records are important in security.  Perceptions are to some folks
> and aren't to others.

There are a few points here - let's break them up:

i) NT has had all the failings it was predicted to have.
FALSE.  NT was predicted to have many failings, and did have some of them and not 
others.  Many predictions have likened
it to Windows 3.x and 9x which have *not* come true - the NT kernel is still NT and 
has not been merged into the others.
NT was supposed to not have any penetration into the marketplace - this has not 
happened.  NT was not supposed to be as
reliable, robust and securable as Unix.  This is also false.

ii) NT has a history of bugs and failings.
So does Unix (countless root exploits etc.).  So (especially) do products such as 
Sendmail and Apache, but people still
use them and swear by their security.

iii) Coding standards at Redmond.
Blatant generalisation.  Some of the coders at Redmond aren't so great, sure.  Can you 
say NT is no good because Excel
on your Mac crashed?

iv) Lots of bugs have been fixed multiple times.
Such as?  If you mean "fixed in 3.51 and 4.0" then isn't it good that they are still 
fixing old systems?  In most cases,
yes.  For Microsoft, No.

> Second:  Baggage/Design.  You can't pare that sucker down to essential
> services and code.  Worse yet, most of what you'd worry about isn't
> documented well enough to help in an attempt.  There's also a great deal
> of non-IP networking baggage, and perhaps some IP networking baggage
> that doesn't seem to have an off button.  In fact, lack of off buttons
> is a big thing overall.  Sometimes the off buttons are undocumented
> registry settings - what a joy that is to replicate!

Such as?  I can pare down my NT machines to exactly the processes and services I want 
running.  Why not run the network
control panel and remove everything you don't want?  Look at the services control 
panel and the "Stop" button.  Looks
like a great big off switch to me.

> Third:  Moving target syndrome.  NT's development cycle is still too
> fast to get a good feel for long-term issues.  Microsoft seems to have
> the goal of replacing NT as often as the general computing market will
> bear.  That's counter to the stable, proven, well-researched platform
> that most security people want.  Service packs, new Web browsers and
> almost anything else updates code in an unregulated way.  There's no
> telling what's going to break when you upgrade.  If you get reasonably
> happy with NT4, you know you're going to have about 18 months before
> you have to replace it and redo the learning, analysis and everything
> else.  There's nothing saying that Windows 2000 will meet the same
> requirements in the same ways.  You have to move though because every
> single OS incident starts with a request to upgrade.

Garbage.  Microsoft still supports NT 3.51 as an operating system.  They are not 
"forcing" you to upgrade and are not
dropping support for all the things you have working.  This is a great big strawman.

Firewalls for NT generally run on older systems - quite a few on NT 3.51 because it is 
exactly what you describe above.

Now, on the NT bashing, would you care to contrast with Linux which is vastly more 
volatile?  How about Solaris which
ripped up the stable SunOS and dropped in a completely different system?  Let's get 
realistic here and talk about people
in glass houses throwing stones.

> Fourth:  Remote access.  While I'm a firm believer that physical-only
> access is a good thing, a lot of my coworkers aren't.  NT's remote
> access capabilities aren't as attractive as those of Unix.  By a long
> shot.

Agreed.  If you are in a situation where you want to access everything from a telnet 
session and couldn't be bothered
installing the telnet service on NT.  For remote management, I've never had a problem 
with NT and have found it a lot
easier to manage MS Proxy Server than many Unix based firewalls from remote sites.

> Fifth:  Tools/utilities.  Trying to diagnose network problems from an NT
> server is sometimes an exercise in frustration and 3rd party products.
> When that problem is an attack it can be downright frustrating.  Some of
> this is familiarity, and some of it is based on adding more of those
> darned library-updating programs we touched on in #3.

Between network sniffing and the command line tools (ping, tracert and netstat etc.) 
I've had no problems at all getting
to the bottom of network problems.  YMMV of course, but in the context of firewalls 
(SMB, NCP, Appletalk etc aside) it
is all very straightforward.

> Sixth:  Familiarity.  Probably the opposite of what you're expecting,
> but I *know* that aside from trying to 3-finger salute the console a
> few times (mostly because they think it's another machine entirely), my
> operations folk wouldn't dream of trying to log into any of my *nix
> servers.  The people who get to log in aren't the kind who would play
> Quake on the console.

So if you don't provide them with logons to the console...  Seriously though, this is 
a pretty good argument in the
sense that people tinkering with the system can often screw it up and 
pseudo-familiarity with NT will mess up a secure
system really quickly!!

> Seventh:  Eggs and baskets.  If you're protecting mostly Windows
> machines, you might not want a catastrophic issue to affect the security
> infrastructure as well as the servers you're protecting.

Good point, however if you want to authenticate your windows users onto the internet, 
NT is the best choice, especially
with the Winsock proxy features of proxy server.

> Eighth:  Support/Staffing.  While there are a gazillion people with MS
> certifications and really good looking resumes, there aren't a large
> number of people who really know NT.  What some people consider "knows
> the OS in depth" is "Can check check boxes and usually find the right
> dialog."  I find that it's much easier to get a read on how much *nix
> people know than how much NT people know.  I had the same issues with
> Netware admins.

This is pretty much a matter of knowing what to ask at an interview.  If you are not 
an "NT person" yourself then it is
pretty hard, but if you start asking questions about issues with Samba clients and 
they look at you stupidly then you
are part of the way there.


Really, this list is a pretty good description of the perception of NT by people who 
have spent most of their lives on
other systems and haven't taken the time to look past the mass of paper MCSEs and 
people who know a lot more about
opening up networking than locking it down.  As a case of perception, NT still has a 
long way to go in the security
community.  As for what it is actually capable of, it can secure a network as well as 
any mainstream Unix can when used
properly as a firewall.  It comes down to what the requirements are and what the 
people maintaining the system are going
to be able to use more efficiently.

Regards,

John Wiltshire

