Recurrent question

No chance there. VB actually understands NAT. Debbie didn't have a clue about how NAT worked.

Debbie was dingy we all know that. I wonder what happed to her she was so prolific with her spill and about that book she was writing and was always on the verge of having it published..

Duane :).

Nice - I now have a certificate for understanding NAT ;-)

Yours, VB.

This article led me to it.

are quite well respected. The main point is that nothing is secure out of the box, everything needs configuring.

No, not mine. I had to repair a few. Mostly hardware faults.

This should do it for me :)

Most people round my way don't care about security. They say their credit card insurance covers fraud so they are safe. If you mention spyware, worms or trojans they ask you what that means in English. Seriously.

You forgot it's windows, that's a double-click, which is twice as much work :oP

Here's a recent post from someone where ZoneAlarm caught stuff getting out and prevented it. snipped-for-privacy@4ax.com

Ric

Please offer technical arguments, not "my friends feel so, too".

Come on, Ric, you're clever enough too see, that claiming "I cannot tell you why, because I did not check, but this must be true..." is not a good argument, is it?

And people, who argue like that, we should better ignore in a discussion, right?

[MacOS X]

This is just wrong. Get a Mac, and try it out.

Oh-my-FSM. The ridiculous shit, that people cannot find the -P0 switch for nmap ;-)

Yes. I'm believing that. Really. *sigh*

;-)

Yours, VB.

Apple seem to make similar claims here

you say Darwin is as secure as FreeBSD?

I'm not sure what you mean there. It's a very good article.

Ric

Please read your sources before you're referencing them. Apple is claiming exactly the opposite, a "Secure Default Configuration".

In what respect?

Yes. And? There is nothing described as "enumeration" in it. Do you mean using ICMP echo to scan boxes? Really nobody does this any more before scanning networks.

Yours, VB.

But apple, as shipped with OS/X, had at least 5 holes last year that I can remember.

Could you please explain to me how a "Secure Default Configuration" is the opposite of "secure out of the box"?

In respect that the BSD's are generally considered to be the safest default installs. I wondered if you thought Darwin improved on them. With the money Apple can throw at Darwin it should happen sooner or later.

They do. They get it from articles like this one :) It's not the cutting edge, it's what the masses use. That's why people like to block unnecessary ICMP, to help prevent OS detection, inverse mapping etc.

Ric

| >> >> The main point is that nothing is | >> >> secure out of the box, everything needs configuring.

It is not. It is the opposite of "nothing is secure out of the box, everything needs configuring.". Please read again, what you claimed in the lines, I marked. ;-)

Perhaps this is a misunderstanding between the two of us, and you meant the same than I did with "Apple seem to make similar claims here".

Oh, are they? I can only see this for OpenBSD.

No, not in any respect. I think, MacOS X is a good choice for a home user. If I would be a home user, I wouldn't consider something else today.

When I'm sniffing, what comes here, nearly nobody does it any more (with some small exceptions).

But even if this would be common any more, such being "invisible" has nothing to do with security at all, and does not help with security in any way.

Yours, VB.

Yes. That's what I meant. :-)

You might be right, but you would have a hard time finding it where I live. Most shops don't sell Mac's or OS X. Most UK online shops only offer windows. Apple hardware is far too expensive for most people. At Apple Store UK Power Mac G5's _start_ at £1399. Even the iMac starts at £899. PC clones start at around £300 locally. Apple like to tie OS X to their own hardware. :-(

ACK. Stealth is only achieved by people who sneak into your box and leave no trace. It's best avoided. :-)

Ric

For the further discussion, it seems that I better should have a sales agreement with Apple Computer.

Just kidding, no worry ;-)

Most Macs are sold via the net I guess.

Not anymore. Have a look at the Mac Mini.

Yes. Apple has a business model which depends on selling hardware.

But: I don't want to move people to using Macintosh computers. I don't have shares of "something with fruit" ;-)

Yours, VB.