Date: Mon, 18 Nov 2002 01:52:05 -0800 From: Terry Lambert <tlambert2@mindspring.com> To: Anthony Atkielski <anthony@freebie.atkielski.com> Cc: FreeBSD Chat <freebsd-chat@freebsd.org> Subject: Re: FreeBSD: Server or Desktop OS? Message-ID: <3DD8B845.5E3BC445@mindspring.com> References: <20021117160245.U23359-100000@hub.org> <058a01c28e7c$c1af5f60$0a00000a@atkielski.com> <20021117210742.GG17611@over-yonder.net> <05c701c28e95$4c8c9c70$0a00000a@atkielski.com> <3DD8483C.4E4AD6F6@mindspring.com> <06af01c28ee7$189b5da0$0a00000a@atkielski.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Anthony Atkielski wrote:
> Terry writes:
> > It is soooooooo tempting to write an STT ("Security
> > Test Tool") for Windows systems which incorporates
> > implementations of all known remote exploits, one
> > per subroutine, with payload arguments, and then
> > Open Source it, so that people can test their
> > Windows systems for security exploits.
>
> According to CERT, Linux now leads the way in security bugs. You might want
> to write your tool for Linux instead.
There isn't some Linux geek trying to claim that Linux is "bug
free" and/or "less buggy than FreeBSD", simply because RedHat can
afford to hire beta testers for end-of-life non-release code
versions, compared to FreeBSD, which can't. There's no need to
humiliate said Linux advocate by releasing such code, as he does
not exist, and is not begging to be humiliated, by posting such
tripe on FreeBSD mailing lists.
Apparently, Microsoft just spent a lot of money getting a CCSE
evaluation, and only achieved a CAPP/EAL4, which basically means
that they OS can't be safely hooked to the Internet, without the
risk of being compromised by anyone with a "cracker's cookbook".
See: http://eros.cs.jhu.edu/~shap/NT-EAL4.html
-- Terry
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DD8B845.5E3BC445>