Re: Question for the Group

In article <f5ardb$3il$01$1@xxxxxxxxxxxxxxxxx>, Michael Kraemer <M.Kraemer@xxxxxx> writes:
AEF schrieb:

Pardon my ignorance, but didn't Apple do the same? What did they do
wrong?

Certainly I do not have to repeat PC history here, or ?
It was IBM+MS+intel who lay the foundation for PCs
dominance in the 1980s. No chance for a small startup
like Apple to change that, no marketing could have done that.
They could be happy to stay at a few % of the market,
and even for that they will have to work harder and innovate faster than
the rest.


Others advertise security. Why not VMS? Why not back it up with
something? What would it hurt?

Nothing, but would it help ? Everybody claims to be "secure"
these days. Now if VMS would have some security certificate
from NSA or whoever issues such things, putting them five notches
above the usual Unix crowd, that would be something to brag about.


And those who claim security are doing better than VMS. So, if VMS
claimed security, it should do better, too, no?

Just think of a guy of those two or three academic generations
who have left unis without ever having heard about VMS.
For him, these letters would expand to "Video Management System",
or, as in google.de, to "Verkehrsverbund Mittelsachsen" which
is a public transport service in eastern germany.
He might read an ad about super-secure VMS, but
on the next page there's an ad about hyper-secure AIX
and on the next page another one touting ultra-secure Solaris.
Even if he hasn't heard about the latter two, how should he
be able to differentiate ? If there would be some official
certificate rating one high above the others, this would be at
least some differentiator.


OTOH, "security" these days means to organize your IT so
that it has minimum cross section to the evil internet,
rather than the choice of a particular OS.
Raise a firewall, hide business critical systems and
important databases etc.

Which isn't really enough.

These are by far the most important measures,
much more important than the choice of OS.
I think most security paranoid will tell you so.

No you need multiple security layers. Firewalls cannot protect you from attacks
through ports you leave open to enable the server to do it's business.
Eg If you are running a publically accessible webserver on port 80 then you
need to allow traffic through to port 80 (either directly or published via a
proxy server). If your webserver or web served applications have
vulnerabilities then the firewall provides zero protection.
Firewalls are not magic shields.
To a large extent firewalls are superfluous. You can provide pretty much the
same protection at the host level by hardening the OS and turning off
unnecessary services. However when you have a large number of systems it is
much easier to control this at a firewall rather than on every single host.

Unfortunately some businesses seem to think that the firewall really is a
magic shield and that they are therefore protected just by having one in place.
Hence they become lax on application and OS level security and put off
patching etc




David Webb
Security team leader
CCSS
Middlesex University




Make ads claiming so and that demonstrate
how VMS does more than that.


Yeah, not everyone needs clustering. But I think many would benefit
from it.

But not if it comes at the price of an obscure OS which
has little else to offer.

.

Relevant Pages

  • [REVS] Bypassing Client Application Protection Techniques
    ... Get your security news from a reliable source. ... protection programs. ... * Kerio Personal Firewall 4.0 ... And we got actually nothing in the field of client application ...
    (Securiteam)
  • Re: A firewall wont stop this one
    ... instead of port filtering with a piece of crap. ... If "some sort of protection" cannot be calculated, ... Firewall" a black-box filtering solution is meant, ... OpenSSH had security flaws, that's right. ...
    (alt.computer.security)
  • Re: Alternative to Norton Internet Security?
    ... Is there an alternative security ... 2.For the average homeuser, the Windows Firewall ... protection like SeconfigXP and practise ...
    (microsoft.public.windowsxp.general)
  • Re: Firefox, AVG, and Infections
    ... I expected total protection, but as I just learned from their tech support that's not necessarily true. ... Their firewall via DSL seems sound. ... First, the tech guy said basically you are on your own, but then clued me into their Security Suite, which I'm now downloading, and will install shortly. ... help you avoid unsafe Web sites. ...
    (microsoft.public.security.virus)
  • Re: Is it possible for someone to access my HD even though I am running a firewall?
    ... > Is there any possibility that my security has been compromised? ... A "personal" firewall is only as strong as the person that set it up. ... protection. ... understanding what they are doing. ...
    (comp.security.firewalls)