Return to BSD News archive
Path: euryale.cc.adfa.oz.au!olive.mil.adfa.oz.au!navmat.navy.gov.au!posgate.acis.com.au!warrane.connect.com.au!news.syd.connect.com.au!news.mel.connect.com.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.eng.convex.com!newshost.convex.com!news.duke.edu!news.mathworks.com!tank.news.pipex.net!pipex!dispatch.news.demon.net!demon!skate.demon.co.uk!skate.demon.co.uk!not-for-mail From: plunky@skate.demon.co.uk (Iain Hibbert) Newsgroups: comp.os.linux.development.system,comp.os.linux.misc,comp.os.linux.networking,comp.unix.bsd.freebsd.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.bsdi.misc Subject: Re: need secure OS to entrust millions to Date: 23 Feb 1996 20:23:56 -0000 Organization: The Bath Room Lines: 26 Message-ID: <4gl7os$9av@skate.demon.co.uk> References: <4gi6t6$3h9@lace.colorado.edu> NNTP-Posting-Host: skate.demon.co.uk X-NNTP-Posting-Host: skate.demon.co.uk X-Newsreader: Brians News Reader V0.8 [NetBSD] Xref: euryale.cc.adfa.oz.au comp.os.linux.development.system:18053 comp.os.linux.misc:88486 comp.os.linux.networking:29736 comp.unix.bsd.freebsd.misc:14379 comp.unix.bsd.netbsd.misc:2320 comp.unix.bsd.bsdi.misc:2462 Bryce <wilcoxb@cs.colorado.edu> writes: > I'm writing documentation which advises banks on how to > setup an electronic banking software package on a > Net-connected, firewall-protected Intel box. Some of the > most important banks in the world will be reading this > documentation very soon. most any unix system is easily capable of doing what you outline, free unixes included.. However, I can only suggest that you remove specific system recommendations from the document and instead recommend that they use an experienced Unix/Security admin person to choose, install and _continually_administer_ the system if they want to run a secure site. Such a person would know the options and would install something that they would be able to keep control of. I guess Banks would prefer to go for the conservative approach, and use the tried and trusted software that everybody else is using.. From a security standpoint though, conformity like this is dangerous. If everybody uses the same software, then a hole in one system is a hole in all the others. ]ain