On Wed, Jun 13, 2007 at 11:08:39PM -0700, Mike McClain wrote: > I saw this on usenet and wonder about the validity of this statement. > > 'Seriously any system is as secure as the services you export, if you > have nothing listening that can do you harm you are secure...' > > Disregarding email exploits and exploits through your browser is this > true? Assume the hardware is inviolate. > Thoughts? a port with a listening service is like a locked door with a doorman inside waiting to open it for whoever knocks. If they know the codeword he'll open it for them. So the service (as the doorman) determines how serious the security risk is at the port (door). If there is no service listening at the port, then there is no way to open that port. Of course, since you are running Debian, there are no windows for things to climb through and open the door from the inside. ;) A
Attachment:
signature.asc
Description: Digital signature