On 26 Sep 1999, Adam Morrison wrote:

> The point being, again, that you probably can't rewrite your entire
> system securely.  But you can implement and verify a few select
> services.

you'll need to be a super-programmer to be 100% sure that the code for the
services you are running can NOT be exploited. unfortunately, most sys
admins are not super-programmers (or are not even programmers at all)...
and please stop telling me that you can "inspect and secure" it - you can,
truly, but not to a 100% level.

> That works for the specific case of dealing with unlucky losers.  The
> moment your attacker is either skilled, or just plain lucky
> (i.e. manages to use the latest exploit in the small window of time
> before you patch your system) then you've lost.  That's fine, but I
> just wanted to point out that you can have something more reliable.

i think that you and Or are saying the exact same thing, Adam. both of you
claim it is not possible to make a system 100% secure, and both of you
agree that each percent counts, and that 95% or 50% is not the same thing.

that's why the sane rule is "first decide how important is the system and
its resources to you, and based on that decide how much effort to spend on
securing it".

guy


