On Thu, Feb 22, 2001 at 11:06:41AM -0600, Michael Scott Shappe wrote:
> MacOS up through 9.x is arguably more secure *out of the box* for the same
> reason that Windows9x is secure *out of the box* -- there's no network
> listener running as a matter of course on such a system, and no provision
> whatsoever for someone coming in from the outside and executing code. It's
> also impossible to get "shell" access by hacking into a MacOS <= 9.x,
> because there is no shell!
I hate to flame anyone, but that's a bunch of bullshit. Just because
there are no ports open doesn't mean you can't still crash the TCP/IP stack
of a really crappily designed OS (ie MacOS). Trust me. I know. I was a
Mac SysAdmin, and sure enough, there are absolutely *no* TCP/IP ports open
on a default install of an early version of MacOS 9, but you could still
crash the system by scanning *all* the UDP ports with nmap.
And don't forget: even if your TCP/IP stack is okay, no one is
invulnerable to DDOS attacks (yet).
