Menu
▾
▴
Re: [Devil-linux-develop] suggestions for 0.5 Beta CD layout
|
From: Martin M. <mm...@si...> - 2001-09-15 15:41:47
|
On Sat, Sep 15, 2001 at 04:54:08PM +0200, Friedrich Lobenstock wrote: > > I think you should tell those people that they might have to adapt there > point of view regarding security. Internet-Security is one chapter > that is going to be of high importance now and in the future. Well, that is out of question ... using one system solely for internet acces is an allowance these people already make. I just can't go there and tell them you have to invest this or that for being able to access the internet. I set out to help them improve the _current_ state of their security and there is having a firewall at all already an important step. Maybe you just have too little experience with groups like these, which mostly fund private donations and a sum like 200,-- DM is an issue with these kind of organisations. These groups have _no_ valuable information an their systems, that need protaction, and they rather type in their documents again than buying a backup solution that will cost them 500,-- or more. Hacking there systems is useless, you could only use them as client for a DDOS attack or something. Well, that wouldn't be nice, but it's not a big problem either. > No no. We should be able to bring this all down to a common denominator. > We could provide two different ISOs, on that runs from RAM and another one, > for those like me that like to increase the level of security, that runs > mostly from CD-ROM. See Heikos posting. Yes we surely could, but the question is is it worth it? You see I have a system that works perfectly for me, and I'm not much interested in anything else. It would only be a obstacle to compromise the development of devil-linux just because one guy who hasn't contributed a single line up to now raises issues which are contrary to the wishes of other developers. That's my attitude. So I'd be happy with any compromise we find, but just don't feel in need to find one just to keep me happy. Especially if I'm the only one want's a feature. I have neiher the time nor the motivation to invest vast amounts of time in the development of devil-linux. My idea was just, that I implement the stuff I need for my friends in devil-linux, so others gain some functionality and I save time since I don't have to maintain the whole base system. That was the reason I suggested to take part in devil-linux as a developer. I'm not set out to develop a "one size fits all" firewall solution. > Please don't get me wrong, but sometimes also those organisations have to > invest in a decent infrastructure. Not meaning that simple is bad - the > motto in Firewalldesign is KISS (keep it straight and simple). But > security consideration sometimes bite. Nope, they don't have to and they won't. So either they use an easy to maintain and cheap firewall, or they'll just use some Windows connection sharing tool. The point is _I_ know what security is and what is needed to get it. But I also found out that it's better to have insufficient security than to have none. Most of the attackers today on private systems are script-kiddies. When their attack doesn't work on a system they try another one. It's these I wanna keep out. I don't wanna develop a firewall against a guy with decent knowldge since I perfectly know I won't be able to do this anyway. bye MM Martin Mueller Phone: +49 39298 4125 e-mail: mm...@si... ICQ: 99023536 mm...@lu... PGP/GPG mail welcome, keys as well other stuff at: http://themm.net |
