Re: red worm amusement
On Sat, Jul 21, 2001 at 08:51:23PM -0700, Jacob Meuser wrote:
> On Sun, Jul 22, 2001 at 12:54:49PM +1000, CaT wrote:
> >
> > You know. You're right. We should make it as difficult as possible
> > to install software. Right down to removing makefiles from source
> > repositories and rot13ing the source code because the harder it is
> > to install a piece of software, the more secure a box is.
>
> No, I'm simply saying not to start services immediately. I mean really,
That wasn't what you were saying before. You were saying that the
ease of install you get with apt-get is bad. This is a rather different
issue.
> who in their right mind starts a service without looking at the config
> files? How hard is it to add the links from /etc/rc?.d to /etc/init.d
> (isn't there script to do this anyway)?
Some packages already practice safety-first. You need to remove an
echo and an exit from the init.d once you're good and ready. This
just has to become more widespread.
Then again, most of the time I install a service (>90%) I want it
to start running immediately. apache, ftp etc I compile by hand.
> > And then the computer you just spent a few grand on will be about
> > as useful as a toaster without heating elements.
>
> That's better than them getting sued for a hell of a lot more than they
> paid for their machine because someone launched an attack from their
> machine, and they can't prove they didn't to it.
No machine is 100% secure, except those machines that do not exist.
Anyone who thinks their box is 100% secure has rocks in their heads,
regardless what OS they are running.
--
CaT (cat@zip.com.au) *** Jenna has joined the channel.
<cat> speaking of mental giants..
<Jenna> me, a giant, bullshit
<Jenna> And i'm not mental
- An IRC session, 20/12/2000
Reply to: