[Info-vax] What to do with my VAX.....

[seasoned_geek]

On Monday, October 19, 2020 at 3:33:32 PM UTC-5, Scott Dorsey wrote:
> Grant Taylor  <gtaylor at tnetconsulting.net> wrote:
> >On 10/18/20 3:17 AM, seasoned_geek wrote:
> >> There is a growing need for an OS without any TCP/IP stack. *nix did 
> >> it wrong. There is absolutely no way of securing any system using 
> >> *nix based TCP/IP when it is connected to the Internet. 
> >
> >I can't agree with that.
> >
> >Sure, putting a system on the Internet exposes it to more harm than 
> >sitting in a room by itself with no external connectivity.  But then 
> >again, powering the system on exposes it to more harm than completely 
> >disconnecting it from power.
> 
> A person who believes as seasoned_geek does should run an operating system
> in which the tcp/ip stack is not an integral part of the kernel.  Like,
> for example, 4.1BSD.. which... just so happens to run on the vax!
> --scott
> 

Which would have the 25+ year old Bash shell super vulnerability. They don't need to have the IP stack running as part of the kernel as long as they can crack IP enough to get a Bash sell under even a GUEST account. With that vulnerability they will be God on the machine.

There simply is no way to secure any OS that is running *nix based TCP/IP. None.