North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Level3 routing issues?
- From: Stephen J. Wilcox
- Date: Sat Jan 25 16:38:51 2003
On Sat, 25 Jan 2003, Neil J. McRae wrote:
> > I think you are on the right lines below in suggesting that products and
> > services should be supplied safe and not require additional maintenance out of
> > the box to make them so (additional changes should make them weaker)
> There is no such thing as safe! You have control over what risks you want
> to take the aim should always be to lower them but if you want safe, pull
> the power plug, place your box in a large metal container and sink it in very
> deep waters.
Agreed but on the assumption people will connect their new PC to the Internet
the supplied OS should be appropriately configured.
> > > I don't know of an industry where costs aren't always being lowered.
> > I dont know of one where prices are below cost values such that players of all
> > sizes regularly go bankrupt and services are squeezed harder and harder.
> Microsoft and XBox is an example, lots of industries have loss
> leaders. Still waiting on evidence that most security issues are due
> to Microsoft though!
A loss leader does not cause bankruptcy, they have a profitable section to
sustain the loss making product. In our industry we just seem to run with too
small a margin.
Hmm dont think I can argue the Linux vs MS point tho, its a big can of worms!
This may be academic tho in our discussion, are you saying COLT uses MS servers
in favour of linux for its public services?
The question of which is more secure depends on numbers, application, etc I see
loads of linux patches every month that I dont install because I have not
installed or disabled most features in my OS. I believe if you count security
bulletins linux has in fact overtaken microsoft. On the other hand if you count
incidents you'll find the Codered, Nimda and probably this one too at the top of
the list. But then offset that against the market penetration MS has into joe
public.. and so on.
Heres my advice to the uninitiated. Run linux, run firewalls, disable what you
dont need and listen to folks who have real world experience.