I guess the trick is not having vulnerable services open the public. One might
leave some traps, for example rcmd, fake decode aliases (with EXPN disabled so
crackers can not tell it is not a hole, of course). tcpd gives me conditional
traps too, so things like telnet can work for me but not for crackers.
Cracking one's own computers is OK but cracking other people's I am less ure
about. I am tempted to demonstrate the "security" of NT by using false source
routing from whitehouse.gov to forge a message from the president, inlcuding
the correct injection IP address (a nice feature of NT for crackers).
-- Duncan (-: "software industry, the: unique industry where selling substandard goods is legal and you can charge extra for fixing the problems."