18, 2004 7:12 PM
To: Wes Noonan
Cc: [EMAIL PROTECTED]
Subject: RE: Religion... was RE: [Full-Disclosure] Re: January 15 is
Personal Firewall Day, help the cause
On Sun, 18 Jan 2004, Wes Noonan wrote:
> > On Sun, 18 Jan 2004, Wes Noonan wrote:
> > Why? Name one virus for Linux
> Uh, no. Where do you get that from?
>From a good chunk of the Linux admins I know.
> If you think editing configuration files and changing settings is
> "modifying
> Linux", then I can equally claim you have to "modify Windows" to harden
> it.
Sure. I've never said or implied otherwise.
>
On Sun, 18 Jan 2004, Wes Noonan wrote:
> > rp-pppoe is an old, stable product that hasn't changed in 2+ years and
> > is shipped by all major Linux distributions. People wanting support can
> > obtain it from their Linux distro vendor. (Unlike Microsoft: When
> > Microsoft end-of-lifes a produc
mailto:[EMAIL PROTECTED]
> Sent: Sunday, January 18, 2004 21:38
> To: 'David F. Skoll'; 'Wes Noonan'
> Cc: [EMAIL PROTECTED]
> Subject: RE: Religion... was RE: [Full-Disclosure] Re: January 15 is
> Personal Firewall Day, help the cause
>
> Can we please just
On Sun, 18 Jan 2004, Wes Noonan wrote:
[...]
> It seems that you have shifted focus to email filtering only. There's
> nothing wrong with this of course, but I think it shifts the discussion
> some.
That was my original topic.
[...]
> So is running any operating system. If you don't believe that
> I never said that. I said if you're running on Windows, you are insecure.
> :-)
> If you are running something else, you may or may not be insecure.
This, while you are entitled to your opinion, has no basis in fact. You can
most certainly be secure running Windows. Security isn't a uniquely Li
Noonan
Cc: [EMAIL PROTECTED]
Subject: RE: Religion... was RE: [Full-Disclosure] Re: January 15 is
Personal Firewall Day, help the cause
> Microsoft is only un-securable for those who don't know how to secure it
No. The fundamental problem with Windows is the problem that lead to
the creation
On Sun, 18 Jan 2004, Jim Race wrote:
> David F. Skoll wrote:
> > I have a very powerful heuristic on my mail server: I discard anything
> > with an .exe attachment.
> That ain't near enough.
I know, I know. I was just making a point. I nuke all the possible
"dangerous" extensions on the MS kn
David F. Skoll wrote:
I have a very powerful heuristic on my mail server: I discard anything
with an .exe attachment.
That ain't near enough. If you *really* want to get rid of Win32 stuff, try:
.386.bat.bin.cmd.com.cpl
.exe.lnk.pif.scr.shb.vbs
and if you
> A/V software that does any less is simply dangerous. There is no need for
> signatures or complex heuristics, when *any* executable arriving by e-mail
> should be treated as dynamite and disposed of safely.
It seems that you have shifted focus to email filtering only. There's
nothing wrong with
On Sun, 18 Jan 2004, Wes Noonan wrote:
[...]
> Actually, A/V software protects against both. The most obvious example is
> heuristics.
I have a very powerful heuristic on my mail server: I discard anything
with an .exe attachment.
A/V software that does any less is simply dangerous. There is
> > Security isn't about protecting against old threats; it's about
> protecting
> > against new threats.
>
> Exactly. A/V software can only protect against *old* threats, because a
> virus has to be in the signature database. Mounting /tmp noexec can
> protect against a wide class of threats (t
On Sun, 18 Jan 2004, Wes Noonan wrote:
> > On Sun, 18 Jan 2004, Wes Noonan wrote:
> > Why? Name one virus for Linux that AV software would have protected
> > against, that a noexec /tmp wouldn't have.
> Security isn't about protecting against old threats; it's about protecting
> against new thre
D] On Behalf Of Jeremiah Cornelius
> Sent: Sunday, January 18, 2004 13:20
> To: [EMAIL PROTECTED]
> Subject: Re: Religion... was RE: [Full-Disclosure] Re: January 15 is
> Personal Firewall Day, help the cause
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Sunday 18
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sunday 18 January 2004 08:51, Wes Noonan wrote:
> Security isn't about protecting against old threats; it's about protecting
> against new threats.
Oh. O.K.
I think that statement is unsupportable.
> Security is about a total process, not a speci
On Sun, 18 Jan 2004, Wes Noonan wrote:
> > (I know that someone recently released code to do a "user-space" exec,
> > so mounting /tmp noexec is not 100% foolproof, but it's pretty good
> > protection.)
> Well then, IMO you might want to invest in virus protection.
Why? Name one virus for Linux
> On Sun, 18 Jan 2004, Wes Noonan wrote:
> Why? Name one virus for Linux that AV software would have protected
> against, that a noexec /tmp wouldn't have.
Security isn't about protecting against old threats; it's about protecting
against new threats. If running virus protection has the potential
17 matches
Mail list logo
