Re: Mac most secure servers?

To: debian-security@lists.debian.org
Subject: Re: Mac most secure servers?
From: Nathan Paul Simons <npsimons@fsmlabs.com>
Date: Mon, 26 Feb 2001 14:20:43 -0700
Message-id: <20010226142043.A29017@fsmlabs.com>
Reply-to: npsimons@fsmlabs.com
In-reply-to: <20010222110641.C25009@hundred-acre-wood.com>; from mikey@hundred-acre-wood.com on Thu, Feb 22, 2001 at 11:06:41AM -0600
References: <20010221132602.A24957@funk.meus0002.clipper.net> <5.0.2.1.2.20010221150546.024fa760@bible.ca> <20010221172911.A14938@mantis.autsens.localnet> <20010221154005.A28107@whaddu.com> <17016073517.20010221220947@netcom.no> <"from <20010221132602.A24957@funk.meus0002.clipper.net> <20010222092939.B12568@ch208d.cae.tntech.edu> <5.0.2.1.2.20010222105703.025ef1f0@bible.ca> <20010222110641.C25009@hundred-acre-wood.com>

On Thu, Feb 22, 2001 at 11:06:41AM -0600, Michael Scott Shappe wrote:
> MacOS up through 9.x is arguably more secure *out of the box* for the same
> reason that Windows9x is secure *out of the box* -- there's no network
> listener running as a matter of course on such a system, and no provision
> whatsoever for someone coming in from the outside and executing code. It's
> also impossible to get "shell" access by hacking into a MacOS <= 9.x,
> because there is no shell!

        I hate to flame anyone, but that's a bunch of bullshit.  Just because
there are no ports open doesn't mean you can't still crash the TCP/IP stack
of a really crappily designed OS (ie MacOS).  Trust me.  I know.  I was a 
Mac SysAdmin, and sure enough, there are absolutely *no* TCP/IP ports open
on a default install of an early version of MacOS 9, but you could still
crash the system by scanning *all* the UDP ports with nmap.
	And don't forget: even if your TCP/IP stack is okay, no one is
invulnerable to DDOS attacks (yet).

Reply to:

References:
- Re: how secure is mail and ftp and netscape/IE???
  - From: Jacob Meuser <jakemsr@clipper.net>
- how secure is mail and ftp and netscape/IE???
  - From: Steve Rudd <srudd@bible.ca>
- Re: how secure is mail and ftp and netscape/IE???
  - From: Pedro Zorzenon Neto <pzn@terra.com.br>
- Re: how secure is mail and ftp and netscape/IE???
  - From: Adam Spickler <adam@whaddu.com>
- Re[2]: how secure is mail and ftp and netscape/IE???
  - From: Gaute Gullesen <crazy-b@netcom.no>
- Re: how secure is mail and ftp and netscape/IE???
  - From: Mike Renfro <renfro@tntech.edu>
- Mac most secure servers?
  - From: Steve Rudd <srudd@bible.ca>
- Re: Mac most secure servers?
  - From: Michael Scott Shappe <mikey@hundred-acre-wood.com>

Prev by Date: Re: Mac most secure servers?
Next by Date: Re: OpenSSH fails to login if user password has expired
Previous by thread: Re: Mac most secure servers?
Next by thread: Re: Mac most secure servers?
Index(es):
- Date
- Thread