> I grabbed their technical FAQ from ftp.sctc.com. Rather amusing. They > talk about how they deal with UDP packets and they say,'We dont allow any > services that UDP packets.'. Well, Gee, I guess sidewinder isnt going to Gosh, its really hard to secure a system if you lock out all Internet services :-) I admin whip.isca.uiowa.edu, which runs the ISCA BBS, which is the largest BBS in the world. Obviously it'd be quite a coup for a cracker type to break it, but it has never been done. Why? Not because I am the world's greatest admin, or because HP-UX 9.01 is the most secure OS in the world. Its because there are only 4 ports with any sort of access: telnet, which connects to the BBS, finger, which gets a list of who is on the BBS (neither of which can possibly fork a shell or execute a command) Sendmail, which runs with program/file/etc mailers disabled and has a few hacks to screen out attempts to mail anything but 3 specific accounts, just in case the program/file mailer disabling wasn't enough. Plus a real telnet daemon on a port that will only accept connections from 4 specific IP addresses. Essentially cracker proof. So did I miss the boat by not trying to sell this "knowledge". The military secure version of the system could have no network at all, be inside a locked bank safe, with armed MPs on guard strip searching everyone before and after they leave :-)