FW: IBM To Resell Red Hat's Linux Software - 8.1 available in November?
"Another byproduct of IBM's increased support for Red Hat could be to let customers judge Linux packages based upon features rather than support, says Holger Dyroff, general manager of SuSE Inc. Dyroff says this won't be a problem because SuSE plans to announce the newest version of its Linux operating system in November. " -----Original Message----- From: Fred A. Miller [mailto:fm@cupserv.org] Sent: 17 September 2002 16:33 To: fm@cupserv.org Subject: IBM To Resell Red Hat's Linux Software -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 IBM To Resell Red Hat's Linux Software IBM and Red Hat Linux Inc. got cozier Monday, announcing an extended partnership alliance under which IBM will throw the weight of its Global Services unit behind sales and support of the Red Hat Advanced Server Linux operating system on IBM's eServer product line. http://update.informationweek.com/cgi-bin4/flo?y=eIt20Bce7K0V20BiQw0AT - -- Fred A. Miller Systems Administrator Cornell Univ. Press Services fm@cupserv.org, www.cupserv.org - --- SuSE Linux v8.0 Pro, KMail 1.4.3--- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj2HS0gACgkQB9vk4ichYXdzUQCfQE0L+SXmgWVq50B1CztLegxz 1jgAoIXFzPJq7DmFlkkxeslcOu4Vw/ku =Bxf/ -----END PGP SIGNATURE----- ------------------------------------------ Confidentiality Notice & Disclaimer ------------------------------------ This e-mail is confidential and intended only for the addressee(s) shown. If you are not an intended recipient, please be advised that any use, dissemination, forwarding or copying of this e-mail is strictly prohibited. Internet e-mails are not necessarily secure and Information Systems Associates Ltd does not accept responsibility for changes made to this message after it was sent. Please note that incoming and outgoing electronic mail messages may be monitored. Should you receive this transmission in error, notify the sender immediately. All reasonable precautions have been taken to ensure no viruses are present in this E-mail. As Information Systems Associates Ltd cannot accept responsibility for loss or damage arising from the use of this E-mail or attachments we recommend that you subject these to your virus checking procedures prior to use.
* Clifford Okoro (Clifford.Okoro@isa.co.uk) [020917 09:28]: ::"Another byproduct of IBM's increased support for Red Hat could be to ::let customers judge Linux packages based upon features rather than ::support, says Holger Dyroff, general manager of SuSE Inc. Dyroff says ::this won't be a problem because SuSE plans to announce the newest ::version of its Linux operating system in November. " Linuxtoday.com just had a PR release that says SuSE 8.1 will be available Oct. 7th. -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
I don't mind paying another $80 to upgrade as long as it's a major upgrade. But if it's only a 50% change or less, I would hope they could offer an "upgrade" version for maybe 1/2 the price or so. How old is 8.0? 8 months or so? Tom On Tue, 2002-09-17 at 11:50, Ben Rosenberg wrote:
* Clifford Okoro (Clifford.Okoro@isa.co.uk) [020917 09:28]: ::"Another byproduct of IBM's increased support for Red Hat could be to ::let customers judge Linux packages based upon features rather than ::support, says Holger Dyroff, general manager of SuSE Inc. Dyroff says ::this won't be a problem because SuSE plans to announce the newest ::version of its Linux operating system in November. "
Linuxtoday.com just had a PR release that says SuSE 8.1 will be available Oct. 7th.
-- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
-- Tom Nielsen Neuro Logic Systems 805.389.5435 x18 www.neuro-logic.com
On Tue, 2002-09-17 at 13:17, Tom Nielsen wrote:
I don't mind paying another $80 to upgrade as long as it's a major upgrade. But if it's only a 50% change or less, I would hope they could offer an "upgrade" version for maybe 1/2 the price or so.
Then you buy the update. Just a bit more than half price for all the software. -- Time is the best teacher. Unfortunately it kills all its students.
On Tue, 2002-09-17 at 15:17, Tom Nielsen wrote:
I don't mind paying another $80 to upgrade as long as it's a major upgrade. But if it's only a 50% change or less, I would hope they could offer an "upgrade" version for maybe 1/2 the price or so.
How old is 8.0? 8 months or so?
8.0 came out in April in the U.S. making it about 6 months old when 8.1 gets released. SuSE has long offered a Pro upgrade for US$49 compared to US$79 for the full box with manuals. I always buy the box, partly because I want the manuals and partly because I want to support SuSE. Best Regards, Keith -- LPIC-2, MCSE, N+ Once in a moment, it all comes to you As soon as you get it, you want something new Got spam? Get spastic http://spastic.sourceforge.net
* Tom Nielsen
I don't mind paying another $80 to upgrade as long as it's a major upgrade. But if it's only a 50% change or less, I would hope they could offer an "upgrade" version for maybe 1/2 the price or so.
How old is 8.0? 8 months or so?
Professional version is available, cd's only, for us$49.85 + us$9.95 shipping. -- Patrick Shanahan Registered Linux User #207535 @ http://counter.li.org
* Tom Nielsen (tom@neuro-logic.com) [020917 12:30]: ::I don't mind paying another $80 to upgrade as long as it's a major Why not get the upgrade version? It's 1/2 the price of the Pro pkg but has the same software. -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
Boy! I go to lunch, come back and I'm flooded! Whew. I guess I'll be buying the upgrade. I never knew there was an upgrade. (Duh). Do I get it from Suse or can I buy it at CompUSA? Thanks to all for the info. I can take my wife out to dinner with the money I save! <grin> Tom On Tue, 2002-09-17 at 12:42, Ben Rosenberg wrote:
* Tom Nielsen (tom@neuro-logic.com) [020917 12:30]: ::I don't mind paying another $80 to upgrade as long as it's a major
Why not get the upgrade version? It's 1/2 the price of the Pro pkg but has the same software.
-- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
-- Tom Nielsen Neuro Logic Systems 805.389.5435 x18 www.neuro-logic.com
* Tom Nielsen (tom@neuro-logic.com) [020917 14:01]: ::Boy! I go to lunch, come back and I'm flooded! Whew. :: ::I guess I'll be buying the upgrade. I never knew there was an upgrade. ::(Duh). Do I get it from Suse or can I buy it at CompUSA? :: ::Thanks to all for the info. I can take my wife out to dinner with the ::money I save! <grin> Yes, you order this directly from SuSE. It's not available through retail stores like CompUSA. -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
I've been issued with a challenge..... A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-) Then I can talk to him about converting to Linux...:-) Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
Have him load up his machine and just delete Autoexec.bat. Point out to him that any normal user couldn't do such a thing to a Linux machine because they don't have the permissions to. Not exactly breaking in, but a lot of security problems do originate from friends using the computer or family, or anyone else who can turn it on, not just the net... On Tue, 2002-09-17 at 17:31, Jon Biddell wrote: I've been issued with a challenge..... A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-) Then I can talk to him about converting to Linux...:-) Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go. -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Jon, When you want to start a new topic, please create a NEW message, not a reply to another message with a changed subject line. Those of us with threading mail readers get your message linked to a completely different thread---quite annoying. Thanks, Jim Cunning PS: You're gonna get two copies of this, one from me and one from the list--sort of like a 1--2 punch. J.
At 17/09/2002 15:25, Jim Cunning wrote:
Jon,
When you want to start a new topic, please create a NEW message, not a reply to another message with a changed subject line. Those of us with threading mail readers get your message linked to a completely different thread---quite annoying.
Ouch... I have been duly castigated... I didn't realise I'd hit REPLY... Jon
On Tuesday 17 September 2002 17:31, Jon Biddell wrote:
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
Yes, you simply ride in on an app he already have running. ZoneAlarm is an application f/w which monitors access from applications. But like all other f/w's it will let some communication through. In this case you attach something to an email, and/or you can have him visit your server which has a offline page with your hack on it. In other words if the f/w allows email to go through you can ride on it. ZoneAlarm probably is set to let through Outlook so he can get his email. Messengers are also known for having a very insecure protocol. To find a good hacking pgm is not really what I like to offer but you can join a security list like bugtraq and discover the latest hacks. Beware that some pgms (like BackOrifice) can bite you too. There are a good number of tools used by scriptkiddies (people who don't know how but executs scripts that does the hacking for them, usually young.) Hacking computers is not something done lightly as consequences can be bad. The Fed's could get involved, the ISP could press charges... Never hack someone without a well written agreement. If your friend REALLY want to be hacked he could post a challenge, but it would be a dumb thing to do as he would be fried. Asking someone who does not know how, is a good way of ensuring you don't get the truth about the situation. Do some search for IE and Outlook hacks online and then direct your friend to them. This is much safer and if he does not bite he's either too ignorant or a fool. (Maybe both :) -- Steve _____________________________________________________________ HTML in e-mail is not safe. It let's spammers know to spam you more, and sets you up for online attack through IE 4.x and above. Using HTML in e-mail promotes it as safe to the uninitiated.
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
On a side note linux is no more secure than windows, despight the hooplah. What makes a secure system is proper security auditing. Typically our servers Our patched or reconfigured once a month to fix some possible exploit. Windows on The other hand likes to give the impression that it is secure out the box which it is Not. In my experience MS is a little slower at providing bug fixes than linux vendours.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The actual reasoning behind your statement is that since NT 4.0's inception...it was touted as an operating system that can be administered by anybody. i.e....there is no experience needed to administer a NT node and/or network. Given this selling point, it and the various systems since; have been developed under the premise that it should be easily deployable within a normal network environment. Which, i hate to admit......has been achieved. Linux, as well as the other *NIX variants; had originally been developed for the more advanced hobbyists and IT professionals. With this in mind; it has been deployed in a more secure manner (on average). This is becomingly increasingly untrue though......check out the uproar about the OS X phenom. Thus, the analogy of an insecure Windows environment is true.....but not for the reasons as ususally stated. On Tuesday 17 September 2002 17:49, Rowan Reid wrote:
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all
the obvious
telnet / ssh tricks, and no go.
On a side note linux is no more secure than windows, despight the hooplah. What makes a secure system is proper security auditing. Typically our servers Our patched or reconfigured once a month to fix some possible exploit. Windows on The other hand likes to give the impression that it is secure out the box which it is Not. In my experience MS is a little slower at providing bug fixes than linux vendours.
- -- Thomas Jones i-Null.com Network Administrator -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9h74J9w7alPkpvvsRAmDfAKC1ItVALtJHTkeYUFKoVDUlFInbwACgv9ko 4Vu/DFtMmDRnW6OSz35n0Lc= =3TUu -----END PGP SIGNATURE-----
At 17/09/2002 18:50, steve wrote:
On Tuesday 17 September 2002 17:31, Jon Biddell wrote:
I've been issued with a challenge.....
Thanks for all that information Steve... Yes, I agree it could be "dangerous", but it will ultimately prove to him that Windows is insecure... -------------------------------------------------------------------------- "The only secure Microsoft software is what's still shrink-wrapped in their warehouse..."
On Tuesday 17 September 2002 04:27 PM, Jon Biddell wrote:
"The only secure Microsoft software is what's still shrink-wrapped in their warehouse..."
If even that. I believe that one of their fabu products shipped from the warehouse with the added benefit of a wonderful virus embedded in it, some years back. I think the "product" was micro$oft works or m$ office.
* - (hbwebb@citlink.net) [020917 22:26]: ::On Tuesday 17 September 2002 04:27 PM, Jon Biddell wrote: ::> "The only secure Microsoft software is what's still ::> shrink-wrapped in their warehouse..." :: :: If even that. I believe that one of their fabu products shipped from the ::warehouse with the added benefit of a wonderful virus embedded in it, some ::years back. I think the "product" was micro$oft works or m$ office. It wasn't a couple years back. It was about 6 months ago. It was a whole slew of Visual Studio .NET cd's. :) -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
On Tuesday 17 September 2002 10:29 pm, Ben Rosenberg wrote: That may be so Ben, but the B$ product im talking about was office 98, I think. Thanks for the Visual stupidio update though.
* - (hbwebb@citlink.net) [020917 22:26]: ::On Tuesday 17 September 2002 04:27 PM, Jon Biddell wrote: ::> "The only secure Microsoft software is what's still ::> shrink-wrapped in their warehouse..." :: :: If even that. I believe that one of their fabu products shipped from :: the warehouse with the added benefit of a wonderful virus embedded in :: it, some years back. I think the "product" was micro$oft works or m$ :: office.
It wasn't a couple years back. It was about 6 months ago. It was a whole slew of Visual Studio .NET cd's. :)
-- Be positive and you will prevail. http://www.tuxgames.com http://www.suse.com http://www.linuxformat.co.uk/ http://www.linuxjournal.com/
On Wed, 18 Sep 2002 07:31:34 +1000
Jon Biddell
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
Use the "spy vs. spy" approach. Just say "oh , gee I guess I can't do it, you win." Then wait until the next party at his house, and when he isn't looking just edit the file. If you want to get him over the net, the best approach would be to send him a "custom word macro" in an email, to do it. I can't help you with the details, but getting an attachment into his machine, which is "auto-executed" by the system is the easiest. -- use Perl; #powerful programmable prestidigitation
Use the "spy vs. spy" approach. Just say "oh , gee I guess I can't do it, you win." Then wait until the next party at his house, and when he isn't looking just edit the file.
If you want to get him over the net, the best approach would be to send him a "custom word macro" in an email, to do it. I can't help you with the details, but getting an attachment into his machine, which is "auto-executed" by the system is the easiest.
Nah, he's at least intelligent enough, despite his love ot Outlook and HTML email, to NOT run an executable or open anything with macros enabled... :-(
The document below is something every Windows sys admint who feels he has a secure network should know. The fact that there are houndreds of unpatched windows system at the end of various DSL, and cable modem connection is scary. The information below is available to anyone doing a search on the web and really only applies to unpatched systems. But it does show the means, tactics, and mothods of would be hackers. ftp://ftp.studio3arc.com/pub/wardoc.txt Rowan Reid Job Captain, Systems Administrator STUDIO 3 ARCHITECTS 909 982 1717
And ZoneAlarm will prevent such dangerous attachments from being opened accidentally. On Wednesday 18 September 2002 00:42, Jon Biddell wrote:
Use the "spy vs. spy" approach. Just say "oh , gee I guess I can't do it, you win." Then wait until the next party at his house, and when he isn't looking just edit the file.
If you want to get him over the net, the best approach would be to send him a "custom word macro" in an email, to do it. I can't help you with the details, but getting an attachment into his machine, which is "auto-executed" by the system is the easiest.
Nah, he's at least intelligent enough, despite his love ot Outlook and HTML email, to NOT run an executable or open anything with macros enabled...
:-(
-- Frits J. Wüthrich (Sent with Kmail)
I don't think this is a good idea. You are basically asking the group here to hack someone's computer. I don't think we are that kind of group, and if the answer (if there is one) were to be published here, it's quite likely that SuSE woud be sued bigtime, as lots of computers would be hacked by the dimbulbs of the world. On the other hand, it would be very useful for anyone to try and hack ZoneAlarm (its proper name) on a local network machine, and send the results to the manufacturer. That would make it work better, and be beneficial, rather than harmful. At 07:31 09/18/2002 +1000, Jon Biddell wrote:
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
At 17/09/2002 20:22, Doug McGarrett wrote:
I don't think this is a good idea. You are basically asking the group here to hack someone's computer. I don't think we are that kind of group, and if the answer (if there is one) were to be published here, it's quite likely that SuSE woud be sued bigtime, as lots of computers would be hacked by the dimbulbs of the world.
Yes, I can see your point - I just thought that this would be the best and most knowledgable place to pose the question. Jon
Instead of hacking his computer, which could cause lots of issues, why not just put it a simple way. Ask him how many Trojans he has gotten and/or could get on windows that would open it up to keystroke logging and backdoors. Then show him how few, and how hard it is to get one in Linux. Who needs to hack when you have an open door ;) BTW, both Solaris secure edition, and windows 2000 are class C government classified O/S' But, I did not see any Linux distro's in that list. But, it doesn't mean much, especially since it takes microsoft 2-3 times as long to patch their systems, if at all, then the Linux community. That's one thing I like about open-source, bugs are found fairly fast, and fixed even faster. Just my 2c :)
On Tuesday 17 September 2002 21:19, Jeric wrote:
BTW, both Solaris secure edition, and windows 2000 are class C government classified O/S' But, I did not see any Linux distro's in
Yeah, right! NOT. Read the fine print. It's only certified when not connected to an network!! -- Steve _____________________________________________________________ HTML in e-mail is not safe. It let's spammers know to spam you more, and sets you up for online attack through IE 4.x and above. Using HTML in e-mail promotes it as safe to the uninitiated.
::> BTW, both Solaris secure edition, and windows 2000 are class C ::> government classified O/S' But, I did not see any Linux distro's in Yes, well. When the NSA gets SELinux fully fleshed out..you'll see some. Besides..you do know that those certs costs lots of $$$$ to obtain. Do you really think that a Linux distribution can pay that insane amount of cash. Not right now. Funny thing is...to this day I still get scanned about 40-100 times a day by nimda or codered infected Windows servers. And for all the hoopla I've been scanned once by a Slapper.worm infected Linux box. :) -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
day by nimda or codered infected Windows servers. And for all the hoopla I've been scanned once by a Slapper.worm infected Linux box. :)
So what is it about Linux that takes a "server" and turns it into a "box"?? I have heard this from so many people.....They always use the word "machine" or "server" or "computer" for Windows....and for poor Linux...always a box!! Come on....Linux has the right to be installed on a computer as well! Any history behind it? Salman
On Wednesday 18 September 2002 20:20, Salman Khilji wrote:
day by nimda or codered infected Windows servers. And for all the hoopla I've been scanned once by a Slapper.worm infected Linux box. :)
So what is it about Linux that takes a "server" and turns it into a "box"?? I have heard this from so many people.....They always use the word "machine" or "server" or "computer" for Windows....and for poor Linux...always a box!! Come on....Linux has the right to be installed on a computer as well!
Any history behind it?
Salman
That's because it's a magic box that will do almost everything you ask. Henry -- When I discovered Linux I also discovered that I didn't need Microsoft anymore. SuSE 8.0 Linux user # 95851
* Salman Khilji (skhilji@tampabay.rr.com) [020918 15:26]: ::> day by nimda or codered infected Windows servers. And for all the hoopla ::> I've been scanned once by a Slapper.worm infected Linux box. :) :: :: ::So what is it about Linux that takes a "server" and turns it into a "box"?? I ::have heard this from so many people.....They always use the word "machine" or ::"server" or "computer" for Windows....and for poor Linux...always a box!! ::Come on....Linux has the right to be installed on a computer as well! :: ::Any history behind it? Everyone I work with calls computers boxes. And the old Sun Sparc 20's were the size of pizza boxes and those are called..pizza boxes. It's just a thing. I can't remember when I started saying it..prolly 10 years ago. But I usually call Windows machines Wintendos...so no box involved. ;) -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org Tell me what you believe.. I tell you what you should see.
Actually the "fine print" in the NSA document specifically states that a network environment was one of the test criteria that was used in order to obtain its score. Look, I'm not stating an opinion, just what I read (and I'm not saying I believe it either!). Personally, I think that microsoft has too many lobbyists in Washington and the skewed the results ;) : -----Original Message----- : From: steve [mailto:steve@itcom.net] : Sent: Tuesday, September 17, 2002 11:47 PM : To: suse-linux-e@suse.com : Subject: Re: [SLE] OT: ZoneAlarm : : : On Tuesday 17 September 2002 21:19, Jeric wrote: : > BTW, both Solaris secure edition, and windows 2000 are class C : > government classified O/S' But, I did not see any Linux distro's in : : Yeah, right! NOT. Read the fine print. It's only certified when not : connected to an network!! : : -- : Steve : : _____________________________________________________________ : HTML in e-mail is not safe. It let's spammers know to spam you more, : and sets you up for online attack through IE 4.x and above. : Using HTML in e-mail promotes it as safe to the uninitiated. : : : -- : Check the headers for your unsubscription address : For additional commands send e-mail to suse-linux-e-help@suse.com : Also check the archives at http://lists.suse.com : Please read the FAQs: suse-linux-e-faq@suse.com : : :
Zone Alarm is made by Zone Labs (http://www.zonelabs.com) and it is a fine product. It is the only software firewall I know for Windows that blocks OUTGOING traffic as well as incoming traffic, thereby providing an extra level of protection in the event your Windows PC is already compromised. Steve Gibson wrote a review of Windows software firewalls. His site is http://www.grc.com. Windows is less secure than Linux out of the box, that's why Zone Labs makes lots of money selling Zone Alarm! Windows with Zone Alarm properly configured is pretty darn secure. You may need to argue semantics with your friend to win your bet here! On Tuesday, September 17, 2002 05:31 pm, Jon Biddell wrote:
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
-- _________________________________________________________ Another Message From... L. Mark Stone Email: LMStone@LMStone.com Web: http://www.lmstone.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This statement by far is very inaccurate. I can off the top of my head.....name at least four more that perform different types of internal traffic auhtorization. IMHO...ZA is a decent remedy for the average user. But, the majority of advanced users will probably be happier with more technically efficient firewall structures. On Tuesday 17 September 2002 20:37, L. Mark Stone wrote:
Zone Alarm is made by Zone Labs (http://www.zonelabs.com) and it is a fine product. It is the only software firewall I know for Windows that blocks OUTGOING traffic as well as incoming traffic, thereby providing an extra level of protection in the event your Windows PC is already compromised.
Steve Gibson wrote a review of Windows software firewalls. His site is http://www.grc.com.
Windows is less secure than Linux out of the box, that's why Zone Labs makes lots of money selling Zone Alarm!
Windows with Zone Alarm properly configured is pretty darn secure. You may need to argue semantics with your friend to win your bet here!
On Tuesday, September 17, 2002 05:31 pm, Jon Biddell wrote:
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
- -- Thomas Jones i-Null.com Network Administrator -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9h9689w7alPkpvvsRAiIMAJ9IZwUs+AYaULdEhvMTHfpg+IVxLQCfT0Xs xS2c8fK7IEdX6S/90rbkIZw= =lKCO -----END PGP SIGNATURE-----
Thomas, OK, please name them, because I'd like to find out more about them. Currently I am the CIO of a global trading company in New York City, and every laptop we issue we configure with Zone Alarm. If there's a better product, I want to know about it! On Tuesday, September 17, 2002 10:02 pm, Thomas Jones wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This statement by far is very inaccurate. I can off the top of my head.....name at least four more that perform different types of internal traffic auhtorization.
IMHO...ZA is a decent remedy for the average user. But, the majority of advanced users will probably be happier with more technically efficient firewall structures.
On Tuesday 17 September 2002 20:37, L. Mark Stone wrote:
Zone Alarm is made by Zone Labs (http://www.zonelabs.com) and it is a fine product. It is the only software firewall I know for Windows that blocks OUTGOING traffic as well as incoming traffic, thereby providing an extra level of protection in the event your Windows PC is already compromised.
Steve Gibson wrote a review of Windows software firewalls. His site is http://www.grc.com.
Windows is less secure than Linux out of the box, that's why Zone Labs makes lots of money selling Zone Alarm!
Windows with Zone Alarm properly configured is pretty darn secure. You may need to argue semantics with your friend to win your bet here!
On Tuesday, September 17, 2002 05:31 pm, Jon Biddell wrote:
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
- -- Thomas Jones i-Null.com Network Administrator -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE9h9689w7alPkpvvsRAiIMAJ9IZwUs+AYaULdEhvMTHfpg+IVxLQCfT0Xs xS2c8fK7IEdX6S/90rbkIZw= =lKCO -----END PGP SIGNATURE-----
-- _________________________________________________________ Another Message From... L. Mark Stone Email: LMStone@LMStone.com Web: http://www.lmstone.com
Sygate has everything that zonealarm does, and then some...just off the top of my head. Plus, zonealarm freeware sucks pretty bad. Only the zonealarm pro (paid version) is fairly decent, if it is configured properly (as with any firewall). : -----Original Message----- : From: L. Mark Stone [mailto:LMStone@LMStone.com] : Sent: Tuesday, September 17, 2002 9:07 PM : To: Thomas Jones; suse-linux-e@suse.com : Subject: Re: [SLE] OT: ZoneAlarm : : : Thomas, : : OK, please name them, because I'd like to find out more about : them. Currently I am the CIO of a global trading company in New : York City, and every laptop we issue we configure with Zone : Alarm. If there's a better product, I want to know about it! :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here are a few of your software choices that may be of some use to your corporation: McAfee Desktop Firewall McAfee Firewall Sygate Personal Firewall Pro Norton Personal Firewall 2002 There may be some more that meet the specific needs of your environmental concerns. I had done some testing here at home in regards to a few firewall choices at one time......ZA seemed to drop alot more packets as the bandwidth availability factor was decreased. I fired up a couple of C scripts and through a bunch of data through the firewalls. The processing engine used by both ZA and McAfee had less than desireable results. BTW...there is a full firewall buyers guide released by the 'International Computer Security Association' every year. This may be of some help to you. Feel free to email me with any questions and/or comments that i may be able to help you with. On Tuesday 17 September 2002 21:06, L. Mark Stone wrote:
Thomas,
OK, please name them, because I'd like to find out more about them. Currently I am the CIO of a global trading company in New York City, and every laptop we issue we configure with Zone Alarm. If there's a better product, I want to know about it!
On Tuesday, September 17, 2002 10:02 pm, Thomas Jones wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This statement by far is very inaccurate. I can off the top of my head.....name at least four more that perform different types of internal traffic auhtorization.
IMHO...ZA is a decent remedy for the average user. But, the majority of advanced users will probably be happier with more technically efficient firewall structures.
On Tuesday 17 September 2002 20:37, L. Mark Stone wrote:
Zone Alarm is made by Zone Labs (http://www.zonelabs.com) and it is a fine product. It is the only software firewall I know for Windows that blocks OUTGOING traffic as well as incoming traffic, thereby providing an extra level of protection in the event your Windows PC is already compromised.
Steve Gibson wrote a review of Windows software firewalls. His site is http://www.grc.com.
Windows is less secure than Linux out of the box, that's why Zone Labs makes lots of money selling Zone Alarm!
Windows with Zone Alarm properly configured is pretty darn secure. You may need to argue semantics with your friend to win your bet here!
On Tuesday, September 17, 2002 05:31 pm, Jon Biddell wrote:
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
- -- Thomas Jones i-Null.com Network Administrator -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE9h9689w7alPkpvvsRAiIMAJ9IZwUs+AYaULdEhvMTHfpg+IVxLQCfT0Xs xS2c8fK7IEdX6S/90rbkIZw= =lKCO -----END PGP SIGNATURE-----
- -- Thomas Jones i-Null.com Network Administrator -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9iD2P9w7alPkpvvsRAmajAKCAO9WKVHguTjZpxJzv1JB75reH1ACgy1pq ZON4JHrHYMilkHX9cR9rGms= =i3+g -----END PGP SIGNATURE-----
Thomas, Thanks for the names and the ICSA lead. We too had investigated McAffee and were not happy with it. Sygate is a new name to me. The Symantec is probably worth a fresh look, especially as we are already a customer (Norton Anti-Virus Corporate Edition for our work Windows network). FWIW, we use the Pro version of ZA, not the freeware version. And we use ZA only for laptops. The company's network is nominally protected by a Cisco PIX firewall--no dropped packets there! Thanks again, Mark On Wednesday, September 18, 2002 04:47 am, Thomas Jones wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Here are a few of your software choices that may be of some use to your corporation:
McAfee Desktop Firewall McAfee Firewall Sygate Personal Firewall Pro Norton Personal Firewall 2002
There may be some more that meet the specific needs of your environmental concerns. I had done some testing here at home in regards to a few firewall choices at one time......ZA seemed to drop alot more packets as the bandwidth availability factor was decreased. I fired up a couple of C scripts and through a bunch of data through the firewalls. The processing engine used by both ZA and McAfee had less than desireable results.
BTW...there is a full firewall buyers guide released by the 'International Computer Security Association' every year. This may be of some help to you.
Feel free to email me with any questions and/or comments that i may be able to help you with.
On Tuesday 17 September 2002 21:06, L. Mark Stone wrote:
Thomas,
OK, please name them, because I'd like to find out more about them. Currently I am the CIO of a global trading company in New York City, and every laptop we issue we configure with Zone Alarm. If there's a better product, I want to know about it!
On Tuesday, September 17, 2002 10:02 pm, Thomas Jones wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This statement by far is very inaccurate. I can off the top of my head.....name at least four more that perform different types of internal traffic auhtorization.
IMHO...ZA is a decent remedy for the average user. But, the majority of advanced users will probably be happier with more technically efficient firewall structures.
On Tuesday 17 September 2002 20:37, L. Mark Stone wrote:
Zone Alarm is made by Zone Labs (http://www.zonelabs.com) and it is a fine product. It is the only software firewall I know for Windows that blocks OUTGOING traffic as well as incoming traffic, thereby providing an extra level of protection in the event your Windows PC is already compromised.
Steve Gibson wrote a review of Windows software firewalls. His site is http://www.grc.com.
Windows is less secure than Linux out of the box, that's why Zone Labs makes lots of money selling Zone Alarm!
Windows with Zone Alarm properly configured is pretty darn secure. You may need to argue semantics with your friend to win your bet here!
On Tuesday, September 17, 2002 05:31 pm, Jon Biddell wrote:
I've been issued with a challenge.....
A friend has just put satellite internet access in, and is running a firewall called "ZoneAlarm" (or Zonealert, can't remember). He's got a fixed IP, and has challenged me to prove that Windows is less secure than Linux by breaking into his machine and leaving a non-destructive message in his AUTOEXEC.BAT file...:-)
Then I can talk to him about converting to Linux...:-)
Anyone have any clues about this program ? I've tried all the obvious telnet / ssh tricks, and no go.
- -- Thomas Jones i-Null.com Network Administrator -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE9h9689w7alPkpvvsRAiIMAJ9IZwUs+AYaULdEhvMTHfpg+IVxLQCfT0Xs xS2c8fK7IEdX6S/90rbkIZw= =lKCO -----END PGP SIGNATURE-----
- -- Thomas Jones i-Null.com Network Administrator -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE9iD2P9w7alPkpvvsRAmajAKCAO9WKVHguTjZpxJzv1JB75reH1ACgy1pq ZON4JHrHYMilkHX9cR9rGms= =i3+g -----END PGP SIGNATURE-----
-- _________________________________________________________ Another Message From... L. Mark Stone Email: LMStone@LMStone.com Web: http://www.lmstone.com
I found this and thought someone else might be interested as well. http://www.eweek.com/article2/0,3959,522850,00.asp
A couple of weeks ago someone posted here a request for a copy of CD1 for SuSE 7.2, to replace a damaged one... Sorry, I lost your email... I've just (last night) gotten my 7.2 CDs back from a friend.... Email me again and we'll sort something out. Jon
participants (21)
-
- -
Allen Carpenter -
Ben Rosenberg -
Clifford Okoro -
Doug McGarrett -
Frits J. Wüthrich -
h g -
Jeric -
Jim Cunning -
Jon Biddell -
Keith Winston -
L. Mark Stone -
Matthew Kennedy -
Max Webb
-
Rowan Reid -
Salman Khilji -
steve -
SuSEnixER -
Thomas Jones -
Tom Nielsen -
zentara