|
|
BugTraq
Re: Buffer overflow prevention Aug 14 2003 05:26PM Mariusz Woloszyn (emsi ipartners pl) (6 replies) Re: Buffer overflow prevention Aug 14 2003 11:27PM Shaun Clowes (shaun securereality com au) (1 replies) Re: Buffer overflow prevention Aug 15 2003 06:48PM Crispin Cowan (crispin immunix com) (1 replies) Re: Buffer overflow prevention Aug 17 2003 11:09PM Shaun Clowes (shaun securereality com au) (1 replies) Re: Buffer overflow prevention Aug 17 2003 10:42PM Crispin Cowan (crispin immunix com) (2 replies) Heterogeneity as a form of obscurity, and its usefulness Aug 21 2003 02:00AM Bob Rogers (rogers-bt2 rgrjr dyndns org) (1 replies) Re: Heterogeneity as a form of obscurity, and its usefulness Aug 22 2003 03:56AM Crispin Cowan (crispin immunix com) (1 replies) Re: Heterogeneity as a form of obscurity, and its usefulness Aug 22 2003 06:21PM Nicholas Weaver (nweaver CS berkeley edu) Re: Buffer overflow prevention Aug 18 2003 06:07PM Mark Handley (M Handley cs ucl ac uk) (1 replies) Re: Buffer overflow prevention Aug 14 2003 07:37PM Theo de Raadt (deraadt cvs openbsd org) (3 replies) Re: Buffer overflow prevention Aug 14 2003 09:14PM Gerhard Strangar (gerhard brue net) (1 replies) Re: Buffer overflow prevention Aug 14 2003 09:43PM Theo de Raadt (deraadt cvs openbsd org) (1 replies) Re: Buffer overflow prevention Aug 14 2003 07:17PM Timo Sirainen (tss iki fi) (1 replies) Re: Buffer overflow prevention Aug 14 2003 06:47PM Jedi/Sector One (j pureftpd org) (2 replies) Re: Buffer overflow prevention Aug 15 2003 09:41AM Peter Busser (peter trusteddebian org) (2 replies) Re: Buffer overflow prevention Aug 16 2003 01:36AM Mark Tinberg (mtinberg securepipe com) (2 replies) |
|
Privacy Statement |
>>Heterogeneity increases survivability of the *species*, but does little
>>to protect the individual.
>>
>>
>What you're not taking into account is contagion. Amongst a
>homogeneous population, a pathogen that infects your friends can
>likely infect you. Amongst a heterogeneous population, if the same
>pathogen infects a friend, there's a significantly lower probability
>it can infect you.
>
To the contrary, I did take this into account in the portion of the
quote that you cut:
A site manager seeking to protect their own servers cares little if
an attack that takes them down doesn't take down their competitors.
In fact, it's kind of bad if heterogeneity means that you go down
and your competitors don't. At most, you could say that running the
most common system makes you somewhat more vulnerable to attack, and
you should take that into consideration when planning your security.
Running more common species makes you more vulnerable.
>How does this affect networks? Well, if you're a webserver or
>mailserver that talks to everyone, the heterogeneity doesn't buy you
>so much (other than, as you said, there might be more pathogens for
>popular systems). But if you're configured to not talk to the whole
>world (via a firewall, or something equivalent), then you're a whole
>lot safer if the machines you do communicate with are different from
>you in ways that make contagion harder.
>
As I said the last time the bio analogy came up, analogies are like
goldfish: sometimes they have nothing to do with the topic at hand. The
notion of being non-promiscuous and careful about who you talk to does
not work here: non-vulnerable Linux mail servers are fully capable of
passing virus-infected mails to vulnerable Windows clients. Firewall
mailing lists are currently full fo sorry stories about Blaster coming
in through VPNs, even though the firewall was blocking the right ports
from the outside.
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
Chief Scientist, Immunix http://immunix.com
http://www.immunix.com/shop/
[ reply ]