On 9 Oct 2004 at 17:15, doc wrote:
Date sent: Sat, 09 Oct 2004 17:15:47 -0400
From: doc
The new 20 Most Critical Internet Security Vulnerabilities updated list just came out: http://www.sans.org/top20/
I was shocked to read the following on another list:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Big surprise that BIND is at the top of the UNIX list :P They even mentioned it by name unlike the horrible sendmail which they just lumped in with the other buggy mail programs. This proves once again that absolutely ANY DNS server is better than BIND. Even Microsoft's."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Are Sendmail and BIND as bad as he implies or do I take this as the grumblings of an uninformed person?
Or is it just a matter of vulnerability only if one does not take proper care in the configuration phase?
I find it hard to believe that anything MS produces may be secured to a superior level of a Unix/Linux app.

Note that these are the top ten security vulnerabilities for -each- of Windows and Unix. Presenting it this way makes it look like they're equal, but if the presentation was a single list of the top 20 then I suspect some of the Unix ones wouldn't be in the list at all, and also that most of the ones still in it would be in the lower half.

Also, I suspect there is a problem in that misconfiguration and program bugs are mixed in together. While the results may be the same, the causes and solutions to each problem are vastly different.

Alan Lenton
--
http://www.ibgames.net/alan
Registered Linux user #6822 http://counter.li.org
Winding Down - Weekly Tech Newsletter - subscribe at http://www.ibgames.net/alan/winding/mailing.html