G'day Bob

30 May 04 13:47, Bob Lawrence wrote to David Drummond:

 DD>> Your executable cookie just got a little more complex.

 BL>  You keep asking forspecifics when my argument was merely that a
 BL> cookie offers another way into the computer... and it does. That
 BL> is inarguable (I would have thought, but apparently not for you).

I have no fear of cookies being malignant executables any more than I fear
the file containing the signature pasted onto the bottom of my emails.
[...]
 DD>> My Linux doesn't have a "centralised source of all information"
 DD>> - most apps/utilities have their own text based config file.
 DD>> Maybe you're running a distributions that's been too
 DD>> Windowised... 

 BL>  No... I can't remember the directory name offhand, but Linux has a
 BL> sort-of central location for the config files. For instance, Lilo has
 BL> its config that lets you actually change the boot... except that you
 BL> need to be ROOT to do it. 

The /etc directory? Many apps store their configs there, but not all.

 BL> That worries me... but not one-thousandth of how Win98 worries me!

 BL>  In Win31 there was win.ini and system.ini in the Windows directory,
 BL> but that only set the defaults on loading. You could not *run* things
 BL> from in there, you had to get into the individual config files for
 BL> what ran automatically. Linux is more like that. Win98 (et al)
 BL> actually lets you *run* things from the registry itself.

Remember autoexec.bat and config.sys? Nasty things can be pasted into there
to run at startup too...
[...]
 DD>> If they've taken over Symantec then I guess I'm fucked.

 BL>  It occurs to me that a false M$ or Symantec home page would be a
 BL> good way to spread a virus.

How would you put this false homepage onto Sysmantec's site?

I don't surf to their homepage for virus upgrades. The se4rver component of
the product uses a VPN like connection to a non-standard port at a
hardwired address at Symantec. I guess one could take over the DNS system
of the Internet and redirect such calls to a hoax site..... A rather large
ask though.

 DD>> It does not have to be. The firewall I have here is not running
 DD>> on my computer, it is a separate entity. It is contained in the
 DD>> case with the DSL modem/router - a firmware device. 

 BL>  Aha! That is more like it! You are not just a pretty face, David.

A single diskette Linux router is a similar device - except the router
boots from non-volatile RAM.

You can buy a DLink Firewall box for about $129 from Harris Technology. It
is also a 4 port 10/100 switch and a printer server.

One side connects to your DSL or Cable modem, the other side to your LAN.

Regards,
David

--- Msged/LNX TE 06 (pre)