lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <871080DEC5874D41B4E3AFC5C400611E06B47616@UTDEVS02.campus.ad.utdallas.edu>
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: Odd Behavior - Windows Messenger Service

> -----Original Message-----
> From: morning_wood [mailto:se_cur_ity@...mail.com] 
> Sent: Thursday, July 17, 2003 10:49 AM
> To: Schmehl, Paul L; dos cerveza; full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Odd Behavior - Windows 
> Messenger Service
> 
> > It'll be a sad day when someone has to login to the console 
> before a 
> > server can start doing its work. :-)
> 
> whoever said it was a server? This is a worksation product.
>
(I guess I'm going to have to use more specificity in my posts.  I
*thought* people in this group would understand some basics, but such is
apparently not the case.)

You misunderstand my use of the word "server".  I'm not referring to a
big expensive box with multiple processors, lots of memory and RAID
arrays.  A server is the complement of a client.  And I'm hard pressed
to think of a modern OS that isn't a server but simply and only a
workstation.  Even those who use Windows at home are sharing files,
which is a server/client process.

But, back to your original complaint, which was that remote services
should not be available until you login to the console.....I'm willing
to bet that *many* people who use *nix as a workstation, *even at home*,
allow *at least* ssh sessions remotely.  And there are KaZaA lovers
worldwide who are offering remote access to files, on numerous Oses,
even when they're not at home and logged in.

So, how does you complaint about Windows offering remote services
without login not apply to *nix (and other OS for that matter) as well?

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ