On Thu, 28 Jun 2001, amy tanner wrote: > The customer has already purchased it and I'm looking for ammo against it so > I can put in a linux firewall :) > Oh, they're allready screwd then. :) The gotchas I'd give them are: remote administration - basically anything that isn't done on the console. RDP is ok, but ssh is better. The new licensing plans - As of October 1, 2001: * Upgrade Licenses (comptitive, version, and product upgrades) will be discontinued. * Upgrade Advantage will be replaced by Software Assurance * There will only be three types of licenses available: 1: Full version license only 2: Software Assurance 3: Combination of the full version license with Software Assurance. http://www.microsoft.com/business/licensing/assurance/open56compare.asp http://www.microsoft.com/business/downloads/licensing/OpenOverview.doc http://www.microsoft.com/business/downloads/licensing/OpenCustomerGuide.doc Security Holes: I'm sure they've heard about security issues with both MS OS and Linux. Point out a few things to them about Linux: The major security breaches would not be present in a firewall setup because such services (use the MS termonolgy when attempting to convert someone. ;) such as DNS (bind) and web (apache) would not and should not be running on the firewall. The only way to gain access to the firewall is via the physical console and ssh. Then, MS: Many of the security issues with Windows would not have gone away simply by disabling the service. Some (not all) where problems with the OS itself. If the OS is flawed from the get go, what's the point of trying to secure it by running another piece of software. Andrew S. Zbikowski | Home: 763.591.0977 http://www.ringworld.org | PCS: 612.306.6055 They must not get baseball sized hail in Redmond. If they did MS would have realized HailStorm is a bad name for their new services.