Firewall Wizards mailing list archives
Re: Port 37628....Is it just another port or out of the extra ordinary???
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Mon, 26 Jul 2004 17:20:01 -0400 (EDT)
pet peeve here also; for opposing reasons; vendors toss too much crap into kernels and build too many modules. if parts of the kernel/OS are even built as modules. This leave kernels and the systems they run on far to open to exploits of sub devices and parts of the kernel structure. Knowing how to build a tight and efficient lernel with only those services one needs and those modules that one will use is a requirement for effective security, on both gateway and multi-user systems.the word 'trust' should leave a bad taste in the mouth of anyone that uses the term in a security contexxt, even if applied towards the vendor. Thanks, Ron DuFresne On Mon, 26 Jul 2004, Mark Tinberg wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 23 Jul 2004, Victor Williams wrote:5. A custom kernel is always a better idea vs blindly trusting what others have compiled or let leak into theirs. I compile custom kernels for any Linux machine (serving internet content/services or not), regardless of the function.This attitude is a pet peeve of mine. Why do people assume that because they _can_ build a kernel for themselves that they must naturally be better at it then the people at RedHat, SuSE/Novell or Debian who live, sleep, eat and breathe the kernel all day long. I think that it is as much about blindly throwing away all of the work that people who maintain production quality kernels do as it is about trusting their work. Another way to put this is, in what is your trust in the vanilla kernel sources, or your builds, based? Hopefully not blind trust 8^) - -- Mark Tinberg <MTinberg () securepipe com> Staff Engineer, SecurePipe Inc. Key fingerprint = FAEF 15E4 FEB3 08E8 66D5 A1A1 16EE C5E4 E523 6C67 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQFBBVhBFu7F5OUjbGcRAg9ZAJ0SdeTOytryMxd7Rbg/QydeiEZ9fACeJMEE y09h92D5AaB9dAwhxSAkN4w= =AJW0 -----END PGP SIGNATURE----- _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 21)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Chuck Swiger (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Paul D. Robertson (Jul 22)
- Re: Port 37628....Is it just another port or out of theextra ordinary??? Kerry Thompson (Jul 23)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Luca Berra (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Devdas Bhagat (Jul 22)
- <Possible follow-ups>
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 23)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Victor Williams (Jul 25)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Mark Tinberg (Jul 26)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? R. DuFresne (Jul 26)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Marcus J. Ranum (Jul 27)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Victor Williams (Jul 25)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Chuck Swiger (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? vbwilliams (Jul 26)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Mark Tinberg (Jul 26)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 26)