On Thu, Feb 13, 2003 at 02:01:49PM -0500, Kent Borg wrote: > > With all due respect, not only is that a very misguided attitude, it's a > > dangerous one to promulgate. > > First, a point of order: if you are sincere about the "with all due > respect"-part, then don't suggest that I am a cracker.
"With all due respect", in this case, means what I said. I accord the respect due you, based on what I know. In this case, I have a serious question about either your understanding of security, or your motivations. Nothing more, nothing less. > I wrote a short post describing how to make and keep a Red Hat system > secure. I glossed over some details, but I still think it was pretty > good, and damn specific, given how short it was. And if every package is secure, and every package that SHOULD be disabled IS disabled, and there are no bugs in the kernel networking or core utilities, and there are no bugs in the configurations for a half-dozen different, and often complicated, networking applications, it should produce a secure system at the time you last audited everything and before anything changes. > You assert that it won't work. Read what I posted. I said that IF RedHat distributed a secure system, and IF you didn't break anything, and IF you understand and reliably execute all updates and changes, and IF the bad guys don't find a new vulnerability before you do, and IF you fully understand the system and how to maintain it, THEN it could work, for you. BUT that even so, you are in a more untenable and vulnerable position, in that you've given yourself a very broad, diffuse range of applications and configurations to defend. (I also assume you don't have any untrusted or questionable users on your system, who might change something of which you're unaware. AND I said that you're giving advice to newbies as if it's something they should do, and that there's no advantage to a firewall. This is irresponsible and unrealistic. Because I can't understand how anybody who's really had to deal with security and incursion attempts could really propose this approach, I posited that there is one class of individual who would benefit from promulgation of such a "security" model. If you're not in that class, good. Then you're forgiven; you just know not what you do by suggesting this approach to newbies. Running a well-configured firewall in addition to doing everything you suggest is good security practice. Suspender and belts, defense in depth, redundancy with differentiation, whatever buzz-phrase you want to use. Running two firewalls, and putting only those systems to be exposed to the 'Net through the audited bastion firewall, is excellent security practice. You get bonus points for not running your database on the same machine as the Web server accessing it. Relying on the infallibility of your software and administration as your only defense is, to be blunt--and I have been in these posts, far more than I usually am, because I'm quite worried that someone will believe your approach--naieve and dangerous. > OK, be specific. Reread what I posted. Assume that such a RH 7.0 > system has been on the internet, maintained as I described, without > a firewall, for the last two years. Tell me how it got rooted during > time. Be specific. Oh, please get real. I'm not spending that kind of time on this; I wouldn't have been drawn into this discussion if it was only your system at risk. It was your recommending this approach to others that got me worried. Maybe you, individually, are good enough to keep everything up-to-date and tight. Maybe you got lucky. Or maybe you got rooted and never knew it. -- Dave Ihnat [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list