|
Firewall Wizards
mailing list archives
Re: Host Based Packet Filters (was: OT: The Morris worm to Nimda, how little we've learned or gained)
From: Crispin Cowan <crispin () wirex com>
Date: Mon, 07 Jan 2002 13:42:37 -0800
Bill_Royds () pch gc ca wrote:
The problem with using OpenBSD as a desktop is not security but
functionality. If I can't get the job done using the secure tools, then
the secure tools won't be used.
... When all the functionality
of software that makes enterprises work is available on a secure OS (and
MS will never make that OS), then we can convert to that OS.
We make that OS, and at a pretty decent price :-) Immunix is designed
to enhance security without compromising on functionality, by applying a
variety of tools (StackGuard, FormatGuard, RaceGuard) that limit the
exploitability of the inevitable software vulnerabilities that come with
lots of functionality.
In the absence of sneaky widgets like StackGuard, then I agree: security
inevitably ends up being a trade-off with functionality, and for most
purposes, functionality wins.
Crispin
--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
|
Intro
