OpenBSD Journal

Open Source smugglers

Contributed by Dengue on from the It's-nice-to-get-mainstream-press. dept.

CNN has an article about engineers smuggling Open Source into the office that references an individual who incorporated OpenBSD into their network to handle credit-card transactions securely, and also speaks with Marcus Ranum of Network Flight Recorder touching on their decision to use OpenBSD for their IDS product.



Comments
  1. By Louis () on

    CNN just reprinted the story. Credit goes to ComputerWorld for the original article. Peter Wayner has mentioned OpenBSD several times in his writings, and his NY Times article Easing on Software Exports Has Limits on US crypto law was devastatingly incisive.
    I look forward to his forthcoming book Free for all about the free/open software phenomenon.

  2. By Jim () on

    This is at the end of the article:

    Ranum says hiding the operating system from everyone, including the professionals who know how to maintain one, is a smart solution. Every system takes time to learn, and his company wants to make its Network Flight Recorder product simple to use.
    Ranum says, "The Unix heads hate NT, and the NT heads hate Unix, so our answer is that it's like a toaster: There are no user-serviceable parts inside."
    ------------

    IMHO, this is a huge mistake. I have used NFR for a while, I like the older versions. They were great. But this attitude of Ranum's is why the program got screwed up, and why I no longer like it.

    NFR is an IDS, for those of you that do not know. An IDS takes some time to understand, and you have to know networking to use it right. Creating an IDS that any moron can use will mean that any moron will use it. And any moron will not know the difference between an attack they should worry about, and one that they can ignore. I don't want an easy-to-use IDS on my network, I want a good one.

    Plus, the amount of usability that I lost with the newest version of NFR was huge. A prime example is that the only way to interface with it now is through a WIN32 interface. There is no way to access your NFR install from a UNIX box. Plus there are little things, like, for instance, that you cannot, say, see every packet from a given IP regardless of what sig matched it.

    By taking away the user's ability to get inside the box you take away the best parts about using an OS like OpenBSD. If open source is about control, then using an open source platform as a base, and then taking away the user's ability to get inside the box, is just as bad as using closed source software from the start. You take the control away from the user.

    I really believe this is going to bite NFR in the ass. I hope that they return to the path they were taking and release a quality IDS that does not take control away from those users that need it most. Until then, I will be using other more open IDSs, such as shadow.

    Jim

  3. By Satan () satan@hell.com on http://www.hell.com/

    Hello fellow devils,

    Quote:- "The Unix heads hate NT, and the NT heads hate Unix, so our answer is that it's like a toaster: There are no user-serviceable parts inside."

    - That is inside the NT engineers' heads (no user-serviceable parts). An NT engineer (esp with an MCSE) is useless. Unfortunately, the branch of the company I work for (name available by posting a subsequent request) is full of NT heads. Example:-

    Me: "Well, the proxy server's down again (mim*sw**p*r) - are you going to fix it?"

    NT geeza: "No, f**k off - go and sit at your desk and bang your head on the partition. We've got to wait till we can be bothered to sort it" - this was said to me while they were browsing straight through the hole in the NT firewall (cybe*gua*d).

    Me: "Shall we just install OpenBSD and Squid on it and make it work first time and forever?"

    NT geeza: "No - we need an E3 approved proxy server, so we'll install NT4, Mimesweeper, Service pack 3, no security patches etc and send out an invitation for all the hackers to come in via the firewall. Oh yeah, and OpenBSD is Open Source so it's got more holes"

    Nuff said. I think they just can't understand text mode. They panic at the thought of the first stage NT install...

    - Satan

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]