[ previous ] [ next ] [ threads ]
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  "'Mark Spieth'" <mspieth at neod dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Feature request which would make m0n0wall even bet ter ;)
 Date:  Tue, 27 Jan 2004 17:48:16 +0100
> From: Mark Spieth [mailto:mspieth at neod dot net]

> This is BAD BAD BAD BAD BAD! I can repeat it some more if you 
> want... A
> firewall should just be a firewall period end of story. If 
> people would
> keep things updated, then it might be a different case, But 
> they won't,
> hell I still see code red attacks out there.. 

So here you're saying that evrything could be secure if people who don't
have a clue would use the right practices and payed attention, which, I'm
sorry to say, will not happen in my lifetime.
People have internet access. That's the way it is. Like it or not (I don't).

> The end result is and will be that these insecure *nix boxes 
> running all
> this extra software, will get hacked, now personally if you put extra
> stuff on your firewall and it gets hacked, and the hacker then deletes
> all your companies accounting files so that you don't get a 
> paycheck, I
> really could care less, But that won't be the end of it, They 
> will then

The end result could well be that people start using some kind of easy to
configure appliances that offer them what they need without the need to run
a airconditioned serverroom with UPS and triple diesels.
Still this is more secure than not having anything at all between the 'net
and some 'latestWindows' machine, just because it's to complex or expensive
to implement.

> use that hacked box to go hacking other peoples boxes including ones I
> manage and that's where I have a problem.

That's indeed where *you* have a problem. If you leave your machines
unsecured, just because m0n0wall has no samba on it, you will have a hard
time when you wake up someday :-)


Oce enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management products
and services for professional environments.

This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be