
Re: Inet security



On Sun, Jul 08, 2007 at 11:05:26AM -0700, Paul Johnson wrote:
> Andrew Sackville-West wrote in Article
> <20070614180510.GA16458@localhost.localdomain> posted to
> gmane.linux.debian.user:
> 
> > On Wed, Jun 13, 2007 at 11:08:39PM -0700, Mike McClain wrote:
> >> I saw this on usenet and wonder about the validity of this statement.
> >> 
> >> 'Seriously any system is as secure as the services you export, if you
> >> have nothing listening that can do you harm you are secure...'
> >> 
> >> Disregarding email exploits and exploits through your browser is this
> >> true? Assume the hardware is inviolate.
> >> Thoughts?
> > 
> > a port with a listening service is like a locked door with a doorman
> > inside waiting to open it for whoever knocks. If they know the
> > codeword he'll open it for them.
> 
> That's how port-knocking[1] works.

you dropped the [1], but I'll google it.

> 
> > So the service (as the doorman) determines how serious the security risk 
> > is at the port (door). 
> 
> Well, in theory, yes.  The problem with this formula is that some services
> are promiscuous and don't care who they serve to (http, finger, gopher,
> etc).

indeed.

> 
> > If there is no service listening at the port, then there is no way to open 
> > that port.  
> 
> Outbound connections require ports, too!

yeah.

> 
> > Of course, since you are running Debian, there are no windows for
> > things to climb through and open the door from the inside. ;)
							       ^^
---------------------------------------------------------------^^

> 
> Don't say things like that.  What you just said there is like a Windows user
> saying, "Why should I stay patched and run antivirus software?  It's not
> like I use this computer for anything serious..."

Except that it was a joke, and I so indicated. And I haven't drunk the
kool-aid, or at least I've pissed it out by now, so I understand that
I am only learning, and that's the best I can hope for. And it's not as
you describe it. What you describe is a completely irresponsible
computer user who should not be allowed to use a computer because of
the damage they are causing to others through their neglect. Whereas,
what I said was that, ignoring the joke aspect, by running an
inherently more secure system, the user is in a better position than
if they were running Windows. Granted, it was probably a little
sophomoric, and in the right forum would be considered inflammatory,
but it was certainly not more than what it was, a joke amongst
generally like-minded folks.

A
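
An added example, not part of the original thread: one way to check which services a Linux host actually "exports" is to read the kernel's socket table and separate sockets in the LISTEN state from ordinary outbound connections. The sample table is constructed, and the address decoding assumes a little-endian host.

```python
import ipaddress
import struct

# Constructed sample in the layout of Linux /proc/net/tcp (not data from the thread).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222
   2: 0A00A8C0:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 33333
   3: 0A00A8C0:C350 2200A8C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 44444
"""

TCP_LISTEN = "0A"  # state code the kernel prints for a listening socket


def listening_sockets(table):
    """Return (ip, port, exposed) for every LISTEN row in a /proc/net/tcp table.

    exposed is False only when the socket is bound to a loopback address,
    i.e. the service cannot be reached from another machine.
    """
    found = []
    for line in table.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue  # established/outbound sockets use a port but accept nothing
        hex_ip, hex_port = fields[1].split(":")
        # The address is a host-order u32 printed as hex; "<I" assumes little-endian.
        ip = ipaddress.ip_address(struct.pack("<I", int(hex_ip, 16)))
        found.append((str(ip), int(hex_port, 16), not ip.is_loopback))
    return found


if __name__ == "__main__":
    for ip, port, exposed in listening_sockets(SAMPLE):
        scope = "reachable from the network" if exposed else "loopback only"
        print(f"{ip}:{port}  {scope}")
```

On a real host the same function can be fed the contents of `/proc/net/tcp`; row 3 of the sample is an outbound connection, which holds a local port but is not listed because nothing is listening on it.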
