[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

Shawn McMahon smcmahon@eiv.com
Tue Jan 28 08:40:14 PST 2003


On Mon, Jan 27, 2003 at 07:18:34AM -0800, Wayne Earl said:
> 
> Don't fall into the "it's secure because we use crypto" trap. This is

Wouldn't dream of it.

> almost as foolish as the "it's secure because the source is open"
> trap. Fact is, Sturgeon's Law applies to software as well - 90% of
> everything is crap.

Hence why you should expose the minimum necessary; 90% of a
little is a little crap, 90% of a lot is a lot of crap.  The less
crap people can get to easily, the more likely they are to pass
you by and go pick on your competition.

If you're really lucky, that 90% crap is behind the firewall, and
the parts you're exposing are only in the 10%.  Skill and care
can substitute for a lot of luck.


-- 
Shawn McMahon         | Every time you walk out of the house
FedEx Services        | with clothes on, you give up freedom
DSS-MCO Security Lead | for temporary safety.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030128/c1005dca/attachment.pgp 


More information about the linux-elitists mailing list