[squeak-dev] Namespaces

Igor Stasenko siguctua at gmail.com
Sun Jul 6 18:36:23 UTC 2008


2008/7/6 Jason Johnson <jason.johnson.081 at gmail.com>:
> On 7/6/08, Igor Stasenko <siguctua at gmail.com> wrote:
>>
>> Ask youself, why you need to add these lots of things. Isn't it
>> because your basic installed software lacks mechanisms to protect any
>> of its parts from unwanted intrusion?
>
> No, it's because of bugs in software.  Any bug can potentially be
> exploited by a hacker.  And these days, with the number of compromised
> computers on the interenet, if a bug is discovered in your software,
> the exploiter can literally hit every PC on the internet in a matter
> of hours.
>

I wonder, how you could protect your buggy software from being
exploited by hacker, when you have no idea where bug is?
Lets suppose that you wrote a server for public use, and its
potentially contains bugs.
Now , what role plays firewall here?
The only possible way of 'protection' and 'security' which firewall
can provide is putting a rule in firewall to deny access from all
hosts to it. Then you can feel happy, that your public server
protected from any potential attacks of exploiters :)

Another example. Suppose i running a server which holding open 1000
ports for use by anyone. Now someone running a DOS attacks on it, or
you'd like to ban some IP's, of users which causing problems or
violate terms of use.

What way,  to your sense is more simpler, better and error proof:

MyServer denyAccessFromIp: 'xx.yy.zz.ww'

or:

Firewall portsFrom: a to: b do: [:port | port denyAccessFromIp: 'xx.yy.zz.ww' ].

> But if none of your software has bugs anywhere then save money, don't
> buy any security infrastructure. :)
>


-- 
Best regards,
Igor Stasenko AKA sig.



More information about the Squeak-dev mailing list