[Info-vax] What to do with my VAX.....
Scott Dorsey
kludge at panix.com
Fri Oct 23 18:52:19 EDT 2020
seasoned_geek <roland at logikalsolutions.com> wrote:
>On Monday, October 19, 2020 at 3:33:32 PM UTC-5, Scott Dorsey wrote:
>> Grant Taylor <gtaylor at tnetconsulting.net> wrote:
>> >On 10/18/20 3:17 AM, seasoned_geek wrote:
>> >> There is a growing need for an OS without any TCP/IP stack. *nix did=
>=20
>> >> it wrong. There is absolutely no way of securing any system using=20
>> >> *nix based TCP/IP when it is connected to the Internet.=20
>> >
>> >I can't agree with that.
>> >
>> >Sure, putting a system on the Internet exposes it to more harm than=20
>> >sitting in a room by itself with no external connectivity. But then=20
>> >again, powering the system on exposes it to more harm than completely=20
>> >disconnecting it from power.
>>=20
>> A person who believes as seasoned_geek does should run an operating syste=
>m
>> in which the tcp/ip stack is not an integral part of the kernel. Like,
>> for example, 4.1BSD.. which... just so happens to run on the vax!
>
>Which would have the 25+ year old Bash shell super vulnerability. They don'=
>t need to have the IP stack running as part of the kernel as long as they c=
>an crack IP enough to get a Bash sell under even a GUEST account. With that=
> vulnerability they will be God on the machine.
Bash? On 4.1BSD? You're more than a decade too early.
--scott
--
"C'est un Nagra. C'est suisse, et tres, tres precis."
More information about the Info-vax
mailing list