Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Microsoft Security, baby steps ?
From: Cael Abal <lists2 () onryou com>
Date: Thu, 18 Mar 2004 17:23:54 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

alwayssecure () hushmail com:
How is it that some sysadmins can manage security, can just get on and
get the job done, and some others have to bitch and moan and show
their appalling ignorance of the wealth of tools available to them -
many provided by Microsoft.

The site I secure has never been hacked since I arrived four years
ago. It is always kept up to date with patches - within hours of them
becoming available.

Hi Bob,

So, your site has never been compromised?  You /absolutely/ sure about
that?  :) </tongue in cheek>

I have to say your rapid patch deployment policy rather frightens me.  I
wouldn't even consider rolling out patches without rigourous testing.

Keep in mind, though, that I've had workstations completely hosed by
patches (I believe one of the worst was an innocent-seeming upgrade from
IE 4 -> 5, but don't hold me to that).

Personally, I think Microsoft is doing a tolerable job on the patch
management front.  SUS is nice but needs significant work -- the absence
of logging, for example, is a huge omission.  Rumours were it was
supposed to be implemented in SUS 2.0?

Cael


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFAWiF6R2vQ2HfQHfsRAjddAKDTPcoitkS/IXuhN6ileDELwzDntACeI3OB
hNNQkQGq56Ao2z0hFTeH6QM=
=aRJS
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]