mailing list archives
Re: Re: Microsoft Security, baby steps ?
From: Cael Abal <lists2 () onryou com>
Date: Thu, 18 Mar 2004 17:23:54 -0500
-----BEGIN PGP SIGNED MESSAGE-----
alwayssecure () hushmail com:
How is it that some sysadmins can manage security, can just get on and
get the job done, and some others have to bitch and moan and show
their appalling ignorance of the wealth of tools available to them -
many provided by Microsoft.
The site I secure has never been hacked since I arrived four years
ago. It is always kept up to date with patches - within hours of them
So, your site has never been compromised? You /absolutely/ sure about
that? :) </tongue in cheek>
I have to say your rapid patch deployment policy rather frightens me. I
wouldn't even consider rolling out patches without rigourous testing.
Keep in mind, though, that I've had workstations completely hosed by
patches (I believe one of the worst was an innocent-seeming upgrade from
IE 4 -> 5, but don't hold me to that).
Personally, I think Microsoft is doing a tolerable job on the patch
management front. SUS is nice but needs significant work -- the absence
of logging, for example, is a huge omission. Rumours were it was
supposed to be implemented in SUS 2.0?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
RE: Re: Microsoft Security, baby steps ? John . Airey (Mar 18)
RE: Re: Microsoft Security, baby steps ? Schmehl, Paul L (Mar 18)
RE: Re: Microsoft Security, baby steps ? alwayssecure (Mar 18)
RE: Re: Microsoft Security, baby steps ? Ng, Kenneth (US) (Mar 18)
RE: Re: Microsoft Security, baby steps ? Random Letters (Mar 19)
- Re: Re: Microsoft Security, baby steps ? Cael Abal (Mar 19)