Great Circle Associates Firewalls
(September 1995)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Re[2]: Comments on a hacked server/page
From: "Michael H. Warfield" <mhw @ wittsend . com>
Date: Wed, 20 Sep 1995 14:46:19 -0400 (EDT)
To: firewalls @ greatcircle . com
In-reply-to: <Pine . SUN . 3 . 91 . 950920170206 . 23951N-100000 @ ukwsv3> from "Ian Dunkin" at Sep 20, 95 06:24:56 pm

Ian Dunkin enscribed thusly:
> - On Tue, 19 Sep 1995, Roy L. Beasley wrote:

> > So I close by raising my "quill" (which we all know is mightier than any 
> > sword) one more time in challenge:  has anyone ever heard of a breach of 
> > NT's security that was not directly attributable to an administrator's 
> > blunder?  If so, let him or her come forth with honest testimony !!! :-)

> Would not the hole in the `EMWAC' NT HTTP server reported on the
> Firewalls list by Ken Hardy <ken @
 bridge .
 com> last month (and since
> fixed) seem to be a good example, and very similar in nature to past
> daemon-related UNIX vulnerabilities. 

	Don't you find it just fasinating that the Windows NT crowd defend
it's failings as "administrator's blunders" or "programmer mistakes" or
"that was the fault of the application".  Now let a application like
httpd or sendmail or finger or ftp fail on a UNIX box and its "UNIX is
just full of holes".  Can we all say hypocrite.

	Maybe its because Windows NT is so big but comes with so little
and everything has to be added on while UNIX comes with many of these
frills in da can.

	It MIGHT be interesting to eliminate ALL of the "errors" due to
operator error, anal retentive policy, or silly programmer output, but
I doubt it will get us very far.

	I've certainly done my share of programming in UNIX, Windows, and
Windows-NT.  It just has always amazed me the extent to which the Windows
et. al. programming paradym concerning memory and pointer allocation
actual encourages shody programming.  Microsoft always points the finger
at the applications when someone reports myriad GPF's (Windows) or Fatal
Application Errors (NT & 95 - they did say they would reduce the GPF's :-) )
but the fact remains that the layers under the application create a
breeding ground for error prone programs techniques even in otherwise
well written applications.  All of the sources for application errors
which are present on UNIX are also present on Windows et al, they just
added some new booby traps in the form of ill documented interactions
with API's, DLL's, and Global Pointers.  Sometimes you can even do
everything PERFECT and still get bombed.  Their only answer to that
is "yes you did exactly what the documentation said to do and yes that
is how it is suppose to work, but (to quote that old doctor joke) just don't
do that!"

	(Yes I've spend too may hours hashing out this kind of nonsense
with the Microsoft support droids and I know their litany by heart).

>     I.

> -- 
> Ian Dunkin <imd1707 @
 ggr .
 co .
> --

 Michael H. Warfield    |  (770) 985-6132   |  mhw @
 WittsEnd .
  (The Mad Wizard)      |  (770) 925-8248   |
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

Indexed By Date Previous: Re: Comments on a hacked server/page
From: bissonjk @ tiac . net (Jack K. Bisson)
Next: Re: Split DNS with subdomains
From: duncan @ hasp . com (Duncan J Watson)
Indexed By Thread Previous: Re: Re[2]: Comments on a hacked server/page
From: sgcccdc @ citec . qld . gov . au (Colin Campbell)
Next: Re: Re[2]: Comments on a hacked server/page
From: paul @ hawksbill . sprintmrn . com (Paul Ferguson)

Search Internet Search