Firewall Wizards mailing list archives
RE: Proxy 2.0 secure? (about ms protocol stack)
From: "Choi, Byoung" <bchoi () visa com>
Date: Fri, 26 Jun 1998 12:09:57 -0700
my statement is an empirical conclusion. i wouldn't make assumption about whether nt security holes get more publicity than others... i very much agree with you about the superior reliability of open-source software - at the worst, it's devil we know (or we are able to find out if we want to). however, aix and many commercial unix(es?) are derived from bsd/svr, and they are time-tested. unless the vendor was so moronic as to waste their time writing the whole protocol stack over, it wouldn't be unreasonable to expect similar level of performance/security attribute (this is a bit of blanket statement, i know).

b-

(sorry to the mailing list folks - i sent a redundant message previously because it told me that the mess bounced back :-} )

----------
From: tqbf () pobox com
Sent: Thursday, June 25, 1998 11:00 PM
To: bchoi () visa com
Cc: AGrigoro () mobility com; firewall-wizards () nfr net
Subject: Re: Proxy 2.0 secure? (about ms protocol stack)

> ms tcp/ip stack is substantially less mature than, say, unix' (both bsd
> & s5, i don't know what else is there to compare...). ms stack seems
> particularly vulnerable to faulty ip fragments, and various malformed

We don't know this for sure. It happens that some of the most publicized denial of service attacks on the Internet in recent history have affected Windows NT; it also happens that people pay more attention to bugs that affect Windows NT, and pay more attention to the fact that a given bug affects Windows NT (when it may affect many other operating systems).

Windows NT certainly does not boast a mature TCP/IP stack --- read the archives of the tcp-impl mailing list to see some of the world's most authoritative TCP implementors explain why. However, the real reason why it's reasonable to claim that Windows NT's stack is less secure than, say, 4.4BSD's, is that we don't have access to its source code. I'm no more confident in AIX's (to name a large commercial Unix platform at random) stack.

Security software which has neither open source nor published peer review results should not be trusted. Since the industry doesn't seem to want to meet these criteria for (almost) ANY commercial security software, you take what you can get.

-----------------------------------------------------------------------------
Thomas H. Ptacek                          SNI Labs, Network Associates, Inc.
-----------------------------------------------------------------------------
http://www.pobox.com/~tqbf     "If you're so special, why aren't you dead?"