No, what that says is that every MORON MCSE thinks they can
run a *nix box because good ol bill said so.
They run old versions of software and get compromised.
Fact.
"look jim bob, i learned to type in 'ls' at the prompt',
take that Mr. Gates and your MCSE."
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Chuck Larrieu
> Sent: Monday, May 07, 2001 11:38 PM
> To: [EMAIL PROTECTED]
> Subject: RE: linux on a 2500 ? Was: Programming under IOS [7:3362]
>
>
> Check out http://www.attrition.org/mirror/attrition/
>
> Interesting to read the history files. It would appear that
> nearly half of
> compromised servers are NOT Wintels. Which says a lot about
> the security of
> ALL operating systems.
>
> Chuck
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Monday, May 07, 2001 8:09 PM
> To: [EMAIL PROTECTED]
> Subject: Re: linux on a 2500 ? Was: Programming under
> IOS [7:3362]
>
> Of course if the source is open, it has more eyes looking at
> it (than say M$
> software which seems to be having a new security announcement
> every week
> right now).
>
> --
> Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
> List email: [EMAIL PROTECTED]
> Homepage: http://jason.artoo.net/
>
>
>
> ""Allen May"" wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Being a Libra I have to agree & disagree about open source.
> Open source
> > also allows the good hackers to find exploits much more
> easily by reverse
> > engineering the whole process. Open source is very cool
> for application
> > design but gives too much information to those with more destructive
> > tendencies.
> >
> > Just my re-contribution of 2 cents out of my stockpile I
> collected ;)
> >
> > ----- Original Message -----
> > From: "Control Program"
> > To:
> > Sent: Sunday, May 06, 2001 9:19 PM
> > Subject: Re: linux on a 2500 ? Was: Programming under IOS [7:3362]
> >
> >
> > > On Sun, May 06, 2001 at 01:28:25PM -0400, Chuck Larrieu wrote:
> > > > Without getting into the relative merits of router
> running open versus
> > > > closed code, or the obvious cost issue, what would be
> the advantage
> of
> > a
> > > > Linux OS versus IOS?
> > >
> > > Why not consider open versus closed source code? The public
> availability
> > of
> > > operating system source code is an enormous advantage
> that Linux systems
> > > (and a variety of others like Mach and the FreeBSD/NetBSD/OpenBSD
> family)
> > > have over their proprietary counterparts. Source
> availability enables
> > rapid
> > > development by allowing for higher-quality feedback from
> people who
> aren't
> > > directly involved with development. Anyone, anywhere,
> can submit a
> patch
> > to
> > > the development team - as well as to the public - to
> correct a bug or
> add
> > a
> > > feature. This has proved invaluable in security circles;
> in some cases,
> > > kernel-level fixes have been written and made available
> within two to
> > three
> > > hours of the discovery of a new security vulnerability.
> > >
> > > Source availability allows for advanced troubleshooting
> in the event
> that
> > > you trace your problem to an operating system bug. With
> proprietary
> > > alternatives, your only recourse is to notify technical
> support and hope
> > the
> > > developers get around to fixing your bug before it's too
> late to matter.
> > > The same reasoning applies to adding new features or
> customizations.
> > >
> > > It is rapidly becoming clear that public availability of
> program source
> > code
> > > directly affects the quality of that code. Such availability
> effectively
> > > distributes the 'development load' among many more
> people, with all the
> > > attendant benefits that distributed processing implies.
> > >
> > > Some other immediate benefits of using something like a
> Linux-based
> system
> > > on router hardware include instant support for and
> compatibility with
> > > existing OS file formats and filesystem types; a much
> greater ability to
> > > 'tune' your kernel image to your specific situation,
> providing decreased
> > > image size and situationally-optimized performance; the
> potential for
> much
> > > more advanced user interface features; and immediately
> available tools
> > that
> > > can be easily modified and cross-compiled to run on
> router hardware
> > > (tcpdump, packet generators, netcat, intrusion detection
> utilities,
> ...).
> > >
> > >
> > > > Doesn't the "OS" have to be an inherent part of the
> "IOS" in any case?
> I
> > > > presume that Cisco boxes operate as do any Von Neuman based
> > architectures,
> > > > and that the IOS is really more an application that is
> loaded via the
> > boot
> > > > proms, where the "operating system" resides? Am I
> completely out of
> the
> > > > water here?
> > >
> > > I don't know if you're out of the water, but I was unable
> to make sense
> of
> > > this paragraph. Perhaps you mean to ask about the
> difference between
> IOS
> > > and other operating systems like Unix/Linux? In that
> case, there's
> really
> > > no difference at all - IOS is an operating system like any other,
> although
> > > more specialized than Unix. Unix does, however,
> separates the kernel
> > > (low-level hardware support, core I/O, and processor and memory
> > management)
> > > from user-level applications such as the shell (CLI),
> shared libraries,
> > and
> > > daemon processes such as inetd (the Internet protocol
> super-server) and
> > > cron. Because of its historically specialized nature, IOS melds
> 'kernel'
> > > functionality with 'application' functionality.
> > >
> > > Experience has shown that the modular design approach
> scales much better
> > in
> > > the long run.
> > >
> > >
> > > > In raw terms of what is happening on a router, does a
> Linux based OS
> > versus
> > > > whatever the Cisco IOS is really matter? in terms of
> code size? In
> terms
> > of
> > > > router speed?
> > >
> > > This is purely a 'one OS against another' issue. Is Windows 2000
> 'better'
> > > than Linux if you have an Intel box? Despite the
> religious handwaving
> of
> > > the advocacy-inclined, the fact is it depends on what you
> want to do.
> > >
> > > In addition and again, having more than one alternative
> available has
> > > historically proven vastly beneficial to hardware lifetime and
> acceptance.
> > >
> > >
> > > > The IOS, as best I can guess, has it's roots in C.
> > >
> > > It is written in C (and assembler), as is Linux.
> > >
> > >
> > > > web link below, there aren't a lot of features in these
> Linux OS's
> > either.
> > > > I suppose over time that will be resolved, but at what
> cost in terms
> of
> > OS
> > > > image size?
> > >
> > > As discussed earlier, image size is much less of a
> concern with Linux
> > right
> > > now than IOS. The ability to situationally optimize a given image
> allows
> > > you to include exactly the features you need,
> contributing to efficiency
> > in
> > > space (image size and memory footprint) and time (performance).
> > >
> > > Furthermore, the Linux architectural approach is modular.
> Most kernel
> > > functions are now available as loadable modules which can
> be dynamically
> > > loaded and unloaded during runtime.
> > >
> > >
> > > > writing for a Cisco box, they have to ensure
> compatibility in every
> > > > way shape and form with other Cisco boxes,
> > >
> > > What kind of compatibility? Network protocol-wise?
> That's the reason
> why
> > > standards and open specifications exist - they promote
> interoperability.
> > > That's why, in a different OS implementation, you'll get
> OSPF and BGP,
> but
> > > not EIGRP.
> > >
> > > In the realm of the 'implementation dependent,' there are
> bound to be
> > > interoperability issues. This transcends the 'Linux vs.
> IOS' question;
> > it's
> > > a general fact of "intercomputing." The Linux people are
> probably more
> > > experienced at generating 'illicit compatibility'
> (interoperability in
> > spite
> > > of the unavailability of specifications, design documents
> or source
> code)
> > > than anyone else.
> > >
> > >
> > > --
> > > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3540&t=3362
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
