----- Original Message -----
From: "Nick Warr" <[EMAIL PROTECTED]>
To: "Tim Greer" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, July 04, 2003 12:49 AM
Subject: Re: Hack?


>
> ----- Original Message -----
> From: "Tim Greer" <[EMAIL PROTECTED]>
> To: "Carpio, Brian" <[EMAIL PROTECTED]>; "Linux Security
> <[EMAIL PROTECTED]>" <[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> Sent: Wednesday, July 02, 2003 6:55 PM
> Subject: Re: Hack?
>
>
> > I also would recommend migrating over to Qmail instead of Sendmail
> > (Sendmail has got to be one of the worst programs ever, I think, in
> > regards to security--though it can be fairly well secured for the most
> > part, provided you keep up to date on patches), and migrate from BIND to
> > tinydns/djbdns.  Both Qmail and djbdns have never had any exploits for
> > all these years, and both Sendmail and BIND have had many.  They are just
> > coded so much better.
> > --
> > Regards,
> > Tim Greer  [EMAIL PROTECTED]
> > Server administration, security, programming, consulting.
> >
>
> Sendmail and BIND aren't coded badly, they're just huge programs, that do
> too much. Djbdns and qmail were designed to be as small and modular as
> possible, to limit the amount of bugs, holes, etc contained therein.
>
> It's more a matter of preplanning, and sensible design, than good or bad
> coding.

True that both Sendmail and BIND do a lot, and offer a lot, which is part of
the reason why they are insecure... but they are indeed badly
designed/coded.  There's no rule that says the more features a program has,
the more insecure it is, just that it's more likely.  These are pretty good
examples of that.
--
Regards,
Tim Greer  [EMAIL PROTECTED]
Server administration, security, programming, consulting.

