Hi David

David Jencks wrote:

> I don't have any first hand experience with managing a production server on
> either Linux or NT/2000,

If you are going to do it, I'd personally go for linux, running remotely
over the net is something unix thrives on, winnt still has trouble if
your not at the console. Citrix and terminal server work fairly well,
but it's a kludge, and their not as good as Xwindows or ssh in my
opinion. Anyway Im a bit biased, since I recon windows designers havent
even figured out yet that <ctl><alt> <delete> isn't really a user
firendly way to logon yet.

> but I did just read a fascinating book -Secrets
> and Lies: Digital security in a networked age, by Bruce Schneier. Among
> zillions of other points and philosophical principles, he notes that each
> OS API call represents a potential security hole. Linux has ~229, NT 4 SP
> 3 ~3433.
>
> Incidentally, I think this book might be a good reference for those
> interested in improving Firebird security.

Actually I've read it, and his previous book "Applied Cryptography" and
I also subscribe to his monthly email newsletter
(http://www.counterpane.com). which has all the nice lowdown gossip on
breakins/echelon/sdmi/etc. so Im a bit of a fan. I think anyone who can
make cryptography interesting deserves their own medal.


Cheers

Mark

--
Your database needs YOU!
http://firebird.sourceforge.net