I forget which of the Rainbow Series of books said it -- the Yellow
Book, I think -- but one of them noted that the same LAN that was
insecure in an office might be quite secure in a submerged submarine
with a highly-cleared crew aboard.As far as I know, we don't have a big problem with zombie computers on
submarines DOSing the Internet.
Well, no...
It takes a lot of time to talk individual users through fixing their
computers. Especially when they didn't break it. They just plugged
the computer in, and didn't spend 4 hours "hardening" it. Most of the
time we're not talking about very complex server configurations, with
full-time system administrators. The "magic" CD would be for people who
don't know they are sharing their computers with the Internet. When
they find out (or someone else reports it), they don't want to share
their computers with everyone the Internet. They just want it fixed.
Right. The problem (and the point I was making) is that "secure" is
context-dependent. In some sense, the easy way to "secure" machines is
to pull the network jack. That's a serious DoS attack on yourself.
Microsoft et al. could -- and should -- ship with all services off,
but of course those services exist because they provide some
functionality that some people want. Are those services safe? Well,
maybe -- it depends on your environment and your clue. Ssh to a Cisco
router is a reasonable thing to do, but not if the login password is
trivial.
--Steve Bellovin, error (me)
http://www.wilyhacker.com ("Firewalls" book)