Security and Views (was Re: [ot] Re: Dynamic Host DNS Registration)
Brad Knowles
brad at stop.mail-abuse.org
Wed Jul 13 09:33:05 UTC 2005
At 12:00 AM -0400 2005-07-13, Jim Logan wrote:
> My server had IMAPS, SMTP over TLS, and SSH exposed to the Internet and
> nobody ever broke in, as far as I can tell. Was I vulnerable all this
> time? How vulnerable is Mac OS X 10.2?
If you've applied the various patches that Apple has provided via
Software Update, then you're probably reasonably secure. They're
pretty good about issuing patches as soon as they can after a new
vulnerability has been published, so your exposure time should be
minimal.
That said, like all Unix and Unix-like OSes, if there is anything
on your system which you do not need, then you should not run it, and
ideally it shouldn't even be installed. Attackers can't break in via
a channel that doesn't exist.
>> For some odd reason, it's not that unusual to hear of someone doing a
>> fresh install of RH9, even now. Like anything, it CAN be secured, but
>> it's a bad plan IMO to start off with so many problems.
>
> Is Fedora more secure out of the box?
Fedora is more secure out of the box than RH9, yes. Especially
the more recent releases of Fedora Core.
More secure than a properly maintained MacOS X system? That's
more arguable.
> This is just for my home setup. The last time I administered a system
> for work was in the early 90's. :-(
I run MacOS X 10.3 personally, while professionally I administer
a variety of systems, including FreeBSD 4, FreeBSD 5, Debian, etc....
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the bind-users
mailing list