Has anyone seen theese yet -wrt m'soft getting its source code hacked? About time F -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Francesco Scaglioni wrote:
Has anyone seen theese yet -wrt m'soft getting its source code hacked?
Yep, it's all over the news here in Oz, too.
Seems they have just had a first-hand look at some of the security holes
in their own software! Some "expert" has claimed that the hack was
written with Visual C++ (how ironic!)
--
This Email is 100% Virus Free!
How do I know? Because no Microsoft
products were used to generate it!
Regards Don Hansford
ECKYTECH COMPUTING/
SQIT Warwick
Strange! AFAIK it's more or less M$ policy not to use their own OS:es for mission-critical services. Look at hotmail for example. lördag 28 oktober 2000 11:57 skrev du:
Francesco Scaglioni wrote:
Has anyone seen theese yet -wrt m'soft getting its source code hacked?
Yep, it's all over the news here in Oz, too. Seems they have just had a first-hand look at some of the security holes in their own software! Some "expert" has claimed that the hack was written with Visual C++ (how ironic!)
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
I believe MS migrated to Windows 2000 for the Hotmail services... -----Oorspronkelijk bericht----- Van: Anders Dahlqvist [mailto:dahlqvist@sundsvall.mail.telia.com] Verzonden: zaterdag 28 oktober 2000 12:36 Aan: Don Hansford CC: suse-linux-e@suse.com Onderwerp: Re: [SLE] Saturday'spapers in the UK Strange! AFAIK it's more or less M$ policy not to use their own OS:es for mission-critical services. Look at hotmail for example. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
My connections in the BSD-world tell me that they have switched the front-end to Windooze but the back-end is still Solaris. lördag 28 oktober 2000 12:47 skrev du:
I believe MS migrated to Windows 2000 for the Hotmail services...
-----Oorspronkelijk bericht----- Van: Anders Dahlqvist [mailto:dahlqvist@sundsvall.mail.telia.com] Verzonden: zaterdag 28 oktober 2000 12:36 Aan: Don Hansford CC: suse-linux-e@suse.com Onderwerp: Re: [SLE] Saturday'spapers in the UK
Strange! AFAIK it's more or less M$ policy not to use their own OS:es for mission-critical services. Look at hotmail for example.
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Anders Dahlqvist wrote:
Strange! AFAIK it's more or less M$ policy not to use their own OS:es for mission-critical services. Look at hotmail for example.
According to the "experts" it was an IIS that let them in, after some
doofus had opened a .doc attachment with a Trojan, which proceeded to
email out all the passwords it could find.
Apparently the crackers had been in and out of there for over three
months! Doesn't anybody read the log files on the servers?
--
This Email is 100% Virus Free!
How do I know? Because no Microsoft
products were used to generate it!
Regards Don Hansford
ECKYTECH COMPUTING/
SQIT Warwick
One thing that puzzles me is how some of my Microsoft acquaintences keep
telling me how much more secure Windows NT is compared to Unix because
they have a C2 security rating from the CIA!
What a joke! I don't really know how they got it and frankly if I were
the CIA I would revoke it.
Mark
On Sat, 28 Oct 2000 06:39:31 -0400
Anders Dahlqvist
On Sat, Oct 28, 2000 at 10:17:55AM -0400, Mark Withers wrote:
One thing that puzzles me is how some of my Microsoft acquaintences keep telling me how much more secure Windows NT is compared to Unix because they have a C2 security rating from the CIA!
Correct me if I am wrong, but I believe that rating is meaningless. AFAIK it was for a standalone computer without network... Regards, Cees. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On Saturday 28 October 2000 09:36, Cees van de Griend wrote:
On Sat, Oct 28, 2000 at 10:17:55AM -0400, Mark Withers wrote:
One thing that puzzles me is how some of my Microsoft acquaintences keep telling me how much more secure Windows NT is compared to Unix because they have a C2 security rating from the CIA!
Correct me if I am wrong, but I believe that rating is meaningless. AFAIK it was for a standalone computer without network...
Regards, Cees.
You're not wrong. And, besides not having a NIC, the standalone couldn't have a floppy either. Plus, the case had to be locked, and the box bolted down. And, if I remember correctly, the box had to be in a locked room with limited access. Duh! Could anyone do any useful work with that setup? Does a single M$ box in production use follow that security arrangement? Even at Los Alamos they store HDs behind copiers. Much more secure! ;-) JLK -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
At 10:17 AM 10/28/00 -0400, Mark Withers wrote:
One thing that puzzles me is how some of my Microsoft acquaintences keep telling me how much more secure Windows NT is compared to Unix because they have a C2 security rating from the CIA!
What a joke! I don't really know how they got it and frankly if I were the CIA I would revoke it.
NT is very secure... Just remove the floppy drive and all network connections, and forget the admin login password, it's a bit hard to get back in. :) Actually, does anyone know of a on-line FAQ that lists the definition of the CIA security ratings? I'm kinda of curious to know what the requirements are. Christopher Reimer -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
"Christopher D. Reimer" wrote:
At 10:17 AM 10/28/00 -0400, Mark Withers wrote:
One thing that puzzles me is how some of my Microsoft acquaintences keep telling me how much more secure Windows NT is compared to Unix because they have a C2 security rating from the CIA!
Actually, does anyone know of a on-line FAQ that lists the definition of the CIA security ratings? I'm kinda of curious to know what the requirements are.
You know how the real world works, some MS paid congressmen probably twisted arms at the CIA to get their "C-2" rating. Only in Microsoft's case it means you can "see too". -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Axtually, as I understand it, the C2 rating is only valid if:
1. Certain specified harware is used.
and the killer
2. The machine is not connected to a network!!
Alan Lenton
----- Original Message -----
From: "zentara"
You know how the real world works, some MS paid congressmen probably twisted arms at the CIA to get their "C-2" rating.
Only in Microsoft's case it means you can "see too".
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
"C" == Christopher D Reimer
writes:
>> One thing that puzzles me is how some of my Microsoft >> acquaintences keep telling me how much more secure Windows NT >> is compared to Unix because they have a C2 security rating from >> the CIA! ... C> NT is very secure... Just remove the floppy drive and all C> network connections, and forget the admin login password, it's C> a bit hard to get back in. :) I know you meant this to be funny, but you are close to the truth. AFAIK, C2 level security means: (1) No network (2) No removable drives (3) No keyboard and monitor (4) Locked down by a special program. Charles -- ===================================================== One Net to rule them all, One Net to find them, One Net to bring them all, and with Linux bind them. ===================================================== -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On Tue, Oct 31, 2000 at 03:36:38PM -0500, Charles Philip Chan wrote:
"C" == Christopher D Reimer
writes: >> One thing that puzzles me is how some of my Microsoft >> acquaintences keep telling me how much more secure Windows NT >> is compared to Unix because they have a C2 security rating from >> the CIA!
...
C> NT is very secure... Just remove the floppy drive and all C> network connections, and forget the admin login password, it's C> a bit hard to get back in. :)
I know you meant this to be funny, but you are close to the truth. AFAIK, C2 level security means:
(1) No network (2) No removable drives (3) No keyboard and monitor (4) Locked down by a special program.
Charles
Ehr... so my box was C2 certified before I set it up ! Cool <grin> -tosi ______ /---------------------------------------\ \ | Þór Sigurðsson | Tor Sigurdsson | t | | Netmaður | Network Specialist | o | |-----------------------------------------| s | | tosi@rhi.hi.is | i | \---------------------------------------/_____/ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Tor Sigurdsson wrote:
I know you meant this to be funny, but you are close to the truth. AFAIK, C2 level security means:
(1) No network (2) No removable drives (3) No keyboard and monitor (4) Locked down by a special program.
Charles
Ehr... so my box was C2 certified before I set it up ! Cool <grin>
Only until you took it out of the shipping crate!
--
This Email is 100% Virus Free!
How do I know? Because no Microsoft
products were used to generate it!
Regards Don Hansford
ECKYTECH COMPUTING/
SQIT Warwick
What is C2? and where can I find more info?
Dennis
@Singapore
One thing that puzzles me is how some of my Microsoft acquaintences keep
telling me how much more secure Windows NT is compared to Unix because
they have a C2 security rating from the CIA!
What a joke! I don't really know how they got it and frankly if I were
the CIA I would revoke it.
Mark
On Sat, 28 Oct 2000 06:39:31 -0400
Anders Dahlqvist
Hello, Dennis. Have a look here http://jcs.mil/htdocs/teinfo/directives/soft/ds5200.281.html. Also, if you run NT (workstation or server) and have the Resource Kit, it comes with a C2 Security Configuration Tool. It's quite interesting to see what is mandatory, what is good practice, and what seems plain daft, e.g. it will configure a logon message to warn people not to trespass in the computer (oooooh, scary !), enforce password policy (good idea) and remove the OS/2 and POSIX subsystems (has anyone ever gotten PM1.2 or Posix 1.0 stuff to run under NT anyway ? I mean really ?). Now it really is bedtime. Goodnight, one and all. Stuart. -----Original Message----- What is C2? and where can I find more info? Dennis @Singapore -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Perhaps we can now expect proggies that make Linux newbies feel at home e.g. LX-IE, LX-OE etc. Cheers, Niels On Sat, 28 Oct 2000, Don Hansford wrote: | Francesco Scaglioni wrote: | > Has anyone seen theese yet -wrt m'soft getting its source code hacked? | | Yep, it's all over the news here in Oz, too. | Seems they have just had a first-hand look at some of the security holes | in their own software! Some "expert" has claimed that the hack was | written with Visual C++ (how ironic!) -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
participants (15)
-
alan@ibgames.com
-
cees-list@griend.xs4all.nl
-
creimer@rahul.net
-
dahlqvist@sundsvall.mail.telia.com
-
dlbt@pacific.net.sg
-
donh@halenet.com.au
-
fgs@epulse.net
-
gooober@one.net
-
jerrykreps@jlkreps.net
-
karnak@look.ca
-
stenhoj@adr.dk
-
stuart@yorkshirepudding.com
-
thomas.coppens@advalvas.be
-
tosi@suse.starf.rhi.hi.is
-
zentara@gypsyfarm.com