[Am-info] BBC's GO Digital program

John Poltorak jp@eyup.org
Mon, 6 May 2002 17:32:05 +0100 

On Mon, May 06, 2002 at 10:25:18AM -0400, Geoffrey wrote:
> John Poltorak wrote:
> > On Mon, May 06, 2002 at 09:51:42AM -0400, Geoffrey wrote:
> > 
> >>John Poltorak wrote:
> >>
> >>
> >>>If I start up OS/2 and connect to the Internet and just start browsing 
> >>>using Netscape, I have very little, if any, chance of being hacked.
> >>>
> >>Note, your statement was absolute, not 'very little.'
> >>
> > 
> > Where was this 'absolute' statement?
> 
> How about the statement below?  'AFAIAC my system is immune..'

What's wrong with that?

As far as I am concerned, my system is immune, merely states that I feel 
safe enough using my system on the Internet as it is now without any 
requirement for any added security.

> >>OS's.  I guarantee you there are some out there looking for OS/2 
> >>exploits, 
> >>
> > 
> > Have you ever come across any OS/2 exploits?
> 
> http://www.kb.cert.org/vuls/id/890128
> 
> The Lotus Domino Web Server contains a flaw that could be exploited to 
> cause a denial-of-service situation on the Windows and OS/2 Platforms.

Thanks, I'll bear that in mind when I think about installing Domino.

> > I have had systems connected permanently to the Internet for two years now 
> > and am not aware of any problems I've suffered.
> 
> Yeah, and you can walk across the street blind folded 100s of times 
> without getting hit by a car...  Hmmm, not aware.... hmmmm....

OK you have provided a single instance of an OS/2 exploit, which doesn't 
apply to me anyway. I have no reason to lose any sleep over getting hacked.
 
> > Setting up a firewall is something I'm looking at, but that's only to 
> > avoid certain ports being detected so nuisances don't get attracted. I 
> > don't feel in danger from them.
 
> Ah, so you do feel some exposure..

What concerns me is the possible increase in levels of traffic which might 
impact on my system thereby slowing it down, if some hacker discovers some 
available ports and puts a lot of effort into breaking through. I do not 
have any concerns  about actually being hacked.

 
> > 
> > BTW what do you mean by IDS?
> 
> Intrusion detection system.

OK, what's an Intrusion detection system?

What exactly is considered to be an intrusion?

How can you tell if your ids hasn't worked?

> -- 
> Until later: Geoffrey		esoteric@3times25.net

-- 
John