|
General software and network General OS-independent software and network questions, X11, MTA, routing, etc. |
|
Thread Tools | Display Modes |
|
||||
Newbie guide to operating services on the Internet
Today, on OpenBSD's misc@ mailing list, a poster discovered that his new OpenBSD installation had been rapidly compromised. Nick Holland posted the following short essay in reply.
I thought it was a brilliant response. While you may not feel Mr. Holland's recommendations apply to you (and your skills, real or perceived), his point that mismanaged or mis-configured services can cause harm to others on the Internet is absolutely pertinent. The entire post is here, and the thread begins here. Quote:
|
|
||||
A bully-boy groupie?
Was it the public relations spin that you found admirable - Nick's attempt to immediately squash this mention of a possible insecurity as user incompetence before any discussion could begin? Did you enjoy the violence of seeing someone humiliated?
I, personally, saw nothing "brilliant" about the thread. I think Nick's response severely interfered with the community's ability to analyze and resolve the issues (wherever the problems might have been). |
|
||||
I'm sorry I wasn't sufficiently clear, hanzer. I'll briefly restate my thoughts.
Any of us can make a mistake. All of us do make mistakes, all the time. Sometimes our mistakes cause problems for others. When those are mistakes we make while operating Internet-facing services, those problems for others can be magnified and very far reaching. Apropos, knowledge of the best practices that mitigate those risks should be considered before operating those services. Discussion continued - there were 16 additional posts in the thread after Nick's. http://marc.info/?t=138933594300001&r=1&w=2 Last edited by jggimi; 12th February 2014 at 08:53 PM. Reason: typo |
|
||||
Quote:
Some resources for OpenBSD users who would rather not be drawn into the mosh-pit: |
|
||||
None taken. An interesting and relevant topic is unfolding, it's certainly worth discussing.
I suspect it's not unusual at all for console cowboys to go a little whack-a-mole crazy from time to time. This is probably due to the character of the technology. The desire for control in designing, building and using complex systems and the need for order as the complexity of the system increases, are both probably necessary for any significant success. But this isn't mathematics with idealized abstractions that are universally true and eternally perfect. [Computer] networks and software are messy evolving systems with an almost organic character. There will be parasites and predators filling the niches and taking advantage of opportunities as they arise. That's a characteristic of the technology. If dealing with that becomes overwhelming then it's time to take a break and maybe move out into the country and build clocks or go to a university and meditate serenely on mathematical perfections. However, it's very important not to let these mad buggers dictate social policy and try to force evolutionary processes into their small clock-work notions of order. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Disabling Services Not Needed | EverydayDiesel | OpenBSD Security | 10 | 25th January 2010 01:20 PM |
start stop services ? | smooth187 | OpenBSD General | 4 | 31st August 2008 01:00 AM |
Newbie-friendly "printing in OpenBSD" guide wanted | Shagbag | OpenBSD Packages and Ports | 5 | 7th July 2008 09:26 PM |
Questions about my home configuration services | aleunix | OpenBSD Security | 9 | 12th June 2008 01:54 PM |
Learn which services are listening on your box | anomie | Guides | 5 | 14th May 2008 09:59 AM |