lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.58.0401151533370.3843@shishi.roaringpenguin.com>
From: dfs at roaringpenguin.com (David F. Skoll)
Subject: Re: January 15 is Personal Firewall Day, help
 the cause

On Thu, 15 Jan 2004, Exibar wrote:

>  But not 100% safe though...  there are Linux viruses,

Such as ... ?

> what about all those e-mails that
> try to steal my SS# and CC#'s?

Never had one of those, because our anti-spam system blocks them.

> Education is the key, not the OS that you run or don't run.

That's not entirely true; the OS makes a huge difference.

> > A default install of a modern Linux distro includes firewalling rules
> > by default, and is fairly safe.

> there aren't any holes in that Linux distro?

There are, but none are exploitable remotely on our systems.

> there sure are, pleanty of them.  Oh, so the Personal Firewall is
> protecting the user... interesting, aren't there Personal Firewalls
> for Windows OS's?  Tons of them....

Linux has them built-in, and on modern distributions, turned on by default.

> > Because it is impossible to use Windows safely; the very design of the
> > operating system is flawed.  This is not just my opinion; it's also that
> > of Bruce Schneier and many other people, some of whom lost their jobs

>   it IS possible to use Windows safely, with Education of the user.

It's probably also possible to weld safely while standing knee-deep in
gasoline.  You just have to be really careful.

Or you can start with a secure foundation and then add user-education.

> I don't buy that you block them ONLY to save disk space and stop
> annoying messages...  don't buy it at all....

I don't care what you buy or don't buy, but it's the truth.  We don't
run Windows, so we aren't susceptible to the viruses in the wild.

> > We have since 1999, and haven't had any problem.  If you don't use
> Windows, > you don't need anti-virus software.

>  Ignorance is bliss they say...  If you honestly and truely believe
> what you say, more power to you.  I honestly hope that nothing bad
> happens to your systems due to a virus outbreak that A/V software
> would have taken care of....

There is no A/V virus designed to protect Linux systems.  There is
A/V software that runs on Linux, but it's designed to catch Windows
viruses.

I've been in the computer security business for a while now; I think
I know what I'm doing.

Regards,

David.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ