> -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list- > bounces@xxxxxxxxxx] On Behalf Of Rodolfo J. Paiz > Sent: Thursday, June 24, 2004 2:23 AM > To: General Red Hat Linux discussion list > Subject: RE: Router/Firewall Recommendation > > At 12:34 AM 6/24/2004, Otto Haliburton wrote: > >Well, I guess the theory behind NAT is really simple and penetration is > very > >simple then, but I don't think so. The first level is penetrated > >automatically is a way of saying 'defeat the OS and you're in the world' > and > >that ain't no bullshit cause that is exactly what happens when you are > >hacked. You don't try to penetrate the defense, you penetrate the OS > then > >shutdown the defense, get it. With the little blue box as you call it. > If > >it fails then the network is lost period because all ip's are lost. > > Apples and oranges, hence irrelevant. No relation between hacking a box > and > the box failing. > > 1. The LBB has an OS as well (see the Linksys WRT54G router, it > runs Linux!), and even the ones in firmware have OS-level capabilities for > what they do. So both the LBB and the Linux box *can* be hacked. Whether A > or B has or has not *yet* been hacked is another argument, but claiming > that one is perfect and the other is awful is just unreasonable no matter > which side of the argument you prefer. > > 2. You said that "if the little blue box [...] fails" and > explained that the boxes behind it are now secure since they are now cut > off from the world. Well, no shit, Sherlock! OF COURSE if the box fails > then everyone behind it is cut off and is thus "secure". If *any* router > or > firewall fails then the same thing happens. But we're talking about > vulnerabilities, not failure. Your point has no value. > > >Routers are not perfect but they are a cheap nearly perfect > >solution. > > Weren't you saying just two messages ago that routers have problems, that > they're "very vulnerable", etc.? Now it's just *your* favorite routers > that > are "a cheap nearly perfect solution"? I call bullshit... again, and for > about the fifth time I think. > > >I don't like be called wrong and I am generally not, it takes all > >of 15 minutes to get excellent security, vs 20 months of building > security. > > Oh, gee, now isn't *that* humble. Take your ego out of the equation and > look at the nice, extreme things you are saying. Try to prove one or any > of > them, and argue them consistently and without mixing issues. See how far > you get then. > > I'm done. Anyone reading this thread (including you) who has enough sense > to come in out of the rain should see the arguments on both sides and have > made up their mind by now. I need some sleep, and I'm leaving on a trip > for > three days so I'll be offline. > > Enjoy your LBB, as will some of my customers since they are nice little > boxes. Others will enjoy their Linux boxes. And enjoy your hubris while it > lasts. > > > -- > Rodolfo J. Paiz > rpaiz@xxxxxxxxxxxxxx > http://www.simpaticus.com > you have a tendency to exaggerate. Remember moderation is the key to happiness!!!! -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
