Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: Re: Microsoft Security, baby steps ?
From: "Random Letters" <randomisedletters () hotmail com>
Date: Thu, 18 Mar 2004 11:40:15 +0000

No need to be patronising or dismissive.

Our problems (assuming we're professional sysadmins rather than home dabblers) are several.

1. Home users - don't have adequate protection and get turned into zombies. They then bombard us. OK - this is dealt with by an externally facing firewall but see #2 below.

2. Office workers with laptops or VPN connections to the internal LAN - get 'infected' (see #1 above) and then connect to the internal LAN. They then bombard any newly set-up PC before we get a chance to patch it. BTW you still have to connect to a network if you have a SUS or SMS server.

The "need to patch before I put it on the network" / "need to put it on the network to get the patches" IS a real problem for many sysadmins.

----------------------------------------------------------
If you're happy and you know it clap your hands
----------------------------------------------------------
  Does HoTMaiL come with a spell checker?


In an corporate environment, you will have SUS or SMS running.
If so, no need for internet access.

If you don't have this, just place a firewall on the box, or before the
box.
How hard can this be ? You do it the same way, as you would do before
you
would patch debian/*bsd/gentoo/ect/ect/ect.

There is no real problem here. Don't blame microsoft if you can't come
up with solutions to simple security "problems".


_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]