[ previous ] [ next ] [ threads ]
 
 From:  "Mark Spieth" <mspieth at neod dot net>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Feature request which would make m0n0wall even better ;)
 Date:  Tue, 27 Jan 2004 12:06:46 -0500
>>So here you're saying that evrything could be secure if people who
don't
>>have a clue would use the right practices and payed attention, which,
I'm
>>sorry to say, will not happen in my lifetime.
>>People have internet access. That's the way it is. Like it or not (I
>>don't).


That is my point, It won't happen so adding software to a firewall to
increase the odds of it happening is just stupid. And no just because
its patched doesn't mean its secure.


-----Original Message-----
From: Christiaens Joachim [mailto:jchristi at oce dot be] 
Sent: Tuesday, January 27, 2004 11:48 AM
To: Mark Spieth
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Feature request which would make m0n0wall even
better ;)

> From: Mark Spieth [mailto:mspieth at neod dot net]

> This is BAD BAD BAD BAD BAD! I can repeat it some more if you 
> want... A
> firewall should just be a firewall period end of story. If 
> people would
> keep things updated, then it might be a different case, But 
> they won't,
> hell I still see code red attacks out there.. 

So here you're saying that evrything could be secure if people who don't
have a clue would use the right practices and payed attention, which,
I'm
sorry to say, will not happen in my lifetime.
People have internet access. That's the way it is. Like it or not (I
don't).

> The end result is and will be that these insecure *nix boxes 
> running all
> this extra software, will get hacked, now personally if you put extra
> stuff on your firewall and it gets hacked, and the hacker then deletes
> all your companies accounting files so that you don't get a 
> paycheck, I
> really could care less, But that won't be the end of it, They 
> will then

The end result could well be that people start using some kind of easy
to
configure appliances that offer them what they need without the need to
run
a airconditioned serverroom with UPS and triple diesels.
Still this is more secure than not having anything at all between the
'net
and some 'latestWindows' machine, just because it's to complex or
expensive
to implement.

> use that hacked box to go hacking other peoples boxes including ones I
> manage and that's where I have a problem.

That's indeed where *you* have a problem. If you leave your machines
unsecured, just because m0n0wall has no samba on it, you will have a
hard
time when you wake up someday :-)

Regards,
Joachim


-----------------------------------------------
MISSION STATEMENT 
-----------------------------------------------
Oce enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management
products
and services for professional environments.

-----------------------------------------------
DISCLAIMER 
-----------------------------------------------
This e-mail message and any attachment are intended for the sole use of
the
recipient(s) named above and may contain information which is
confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited
to,
total or partial reproduction, communication or distribution in any
form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender
either
by telephone (0032-2-729.48.11) or by e-mail and delete the material
from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a
contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see
our
website at www.oce.be

-----------------------------------------------