On 06/16/99 10:55:40 AM Alex P. Rudnev wrote:
They (cisco) promised to realise ssh. Hope we'll see it in a few years, For now, install IPSEC, tunnel, bla-bla-bla, and may be you'll have a piece of security.
cisco *has* released code with ssh (ok, not released in the cisco-sense but you can get it)
Unix machine... drop all services you don't need, run your services not as the root, install secure level or read-onl.y file system - and no problems.
this is just rediculous. it's not as simple as "no problems". the things you state are rather obvious but for a system to be used as *anything* (cache, web server, video server, etc) you simply have to have certain ports open, many times simple udp ports. locking down down services/ports, and running anything you can as non-root certainly goes a long way in protecting the system but it's just not that cut and dried. i'll give you and vadim full credit for being math wizards, or scientists (which i clearly am not) but don't choose your next career in the computer/network security industry. :) -brett