> Not having a compiler/interpreter on the system means they _have_ to > have pre-compiled static/compatible binaries for the system. > > This pretty much eliminates cross platform automated attacks, and > ensures that _your_ attacker will have to approach your system with > the personal attention and TLC that it deserves ;) > Unless you've gotten rid of all shells on the box (bash, ash, tcsh, ...) you haven't elimitated cross platform automated attacks at all. The fact is if there is any interpreter on the box an automated bootstrap can happen. I agree that not having the compilers on there will slow them down but not by much. Even better is to use any of the kernel security patches that prevent executable stacks and watch for buffer overflows, they slow things down a little but worth the security if its a mission critical box. Eric _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list