Mike McCarty wrote: > Tim wrote: >> >> I don't have a single Linux box here that listens to the modem. I'd >> have to install a service to do so. Your MS-DOS box is no more secure >> than any of them, for that point of attack. >> > > I respectfully disagree with you on this point. Your Linux > machine has a device driver for that device, while my MSDOS > machine does not. So you *do* have software listening to > that device, which software potentially has security compromising > defects. I have no software on my MSDOS machine which listens > to the serial port. So if I install a modem on it, it remains > relatively secure. > I fail the see the difference between the Linux driver for a serial port, and the DOS driver for COM ports, at least as far as security goes. Nether driver does anything unless there is a program accessing them. The fact that the serial driver is built in with MS-DOS, and may be loadable under Linux does not make much difference. If anything, Linux without the driver loaded would be slightly more secure. Now, if you have unusual serial ports under DOS< you may have to load extra drivers to use them. I have a couple of multi-port serial cards that need them. But the drivers for COM1 and COM2 are standard in all versions of DOS. Most also have defaults for COM3 and COM4. The thing that you are overlooking is that DOS has drivers for most of the standard hardware ether built in, or accessible through the system BIOS. If anything, accessing hardware through the system BIOS can be more of a security risk. You never really know what is in the BIOS. It is probably safe, as long as you are careful about updates. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!