[Full-Disclosure] RE: Linux (in)security
Mr. Rufus Faloofus
foofus at foofus.net
Tue Oct 21 22:22:50 BST 2003
On Wed, Oct 22, 2003 at 04:10:53PM -0400, Arcturus wrote:
[snip]
> In lieu of securing the actual box, we put a firewall (running linux/unix)
> in front of it. Then, we use a simple approach of "that which is not
> expressly allowed, is expressly denied" in our policies, and voila.
> Secured.
It might be better to say "protected from attacks sourced
from the other side of the firewall and directed at ports
that we filter."
[snip]
> Just for the record, this was written in Outlook, and sent out via a secured
> system, that happens to run a Microsoft OS.
I'd never have guessed:
> "It's not the OS, it’s the operator"
--Foofus.
Full-Disclosure is hosted and sponsored by Secunia.