Indeed, one might, with a reasonable sense of balance, indicate that: 1) a system with myriad known security holes is less secure than a system with few or no known security holes - in practice. A specific example of this is SunOS 4.1.x, which is full of holes, vs. Solaris 2.x, which is relatively secure (in fact, in these terms, quite a bit more so). ...and... 2) _any_ OS, not solely those from Sun, is vulnerable to the _possibility_ of breakins, whether there are any known holes or not. Minor apologies - I realize this has little to do with intrusion _detection_. Barney, Larry wrote: > > Probably what he should have said is that many security fixes having > to do with known problems went into the Solaris 2.5. > > That is not to say that they didn't open up any more holes or that > there are not many other holes still yet undiscovered or reported. > > Larry Barney > > [Quoted Article Deleted]