On Tue, Sep 29, 1998 at 10:34:32PM -0400, Susan Duncan wrote:
> I had someone hack their way into a Linux box via it's sister machine, and
> recompiling the code would have been a first step (the hackers
> had recompiled the OS to create a near invisible back door), and then
> going through security on it step by step.
This is not a credible argument for "black box" solutions where the
source code isn't available. It's been demonstrated time and time again
that having the source code available is a huge win. Of course, it's
possible to set up *any* system in an insecure manner -- Unix included --
if you're determine to do so.
Which leaves me with two questions: (1) Who set up the box so that it
could be hacked? and (2) Why weren't you running tripwire on it
so that recompiled code would be detected?
> > it with all of that (except Cold Fusion: no need for it) in about an hour.
>
> That one's debatable as I've yet to find a product that is as easy to
> work with.
<shrug> I don't use it, probably never will -- I don't need it. I use
standard Unix tools (vi, make, RCS, etc.) to handle all of my web site
revision control and staging, coupled with other tools (xv, xpaint, gimp)
to deal with graphics.
> > The differences are that the Linux system will blow the doors off
> > the NT system in terms of performance and stability. (Let's see that
> > NT box run all of those servers/applications simultaneously. The resource
> > allocation problems alone will probably cause it to seize.)
>
> Nope <g> done it.
Oh, give me a break! *NOBODY* has done it. That's the whole point.
NT systems melt when presented with that sort of application mix and
load. Heck, in your own articles you mention errors such as "application
not responding" -- that's NOT "doing it". That's a broken OS in action.
And that is why even Microsoft (and Hotmail, btw) runs Unix servers for
their web/mail sites. NT simply isn't up to the job. My bet is that it
never will be, because of poor design decisions that are part of
its fundamental structure -- I don't think they can band-aid it enough
to make it ready for prime time. Oh, I'm sure they'll get closer...
but that's not good enough.
> Just as a side note, although we run NT, we are running Netscape
> Suitespot for the web server, MetaInfo DNS, MetaInfo Sendmail, Allaire
> Cold Fusion and only use IIS for FTP server. On that same box I used
> to have WebBoard, but it couldn't reside on the sendmail server for
> some of its functions and had to be moved to a new server.
Sheesh. Look at what you're doing: you're trying to recreate the
environment that Unix/Linux systems come with out-of-the-box. Why
don't you drop the ersatz junk and run the real thing?
---Rsk
Rich Kulawiec
[EMAIL PROTECTED]
____________________________________________________________________
--------------------------------------------------------------------
Join The Web Consultants Association : Register on our web site Now
Web Consultants Web Site : http://just4u.com/webconsultants
If you lose the instructions All subscription/unsubscribing can be done
directly from our website for all our lists.
---------------------------------------------------------------------
