Re: EEYE: RealSecure/BlackICE Server Problems/Witty

From: Marcio Vieira (vieira_at_CSTL.SEMO.EDU)
Date: 03/22/04

    Date:         Mon, 22 Mar 2004 08:59:24 -0600
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    > On Sunday, February 29, 2004 4:25 PM Brad Webb said:
    >
    > Ok, perhaps I'm blind and am missing what's right in front of
    > my face, but there seems to be no patches available from ISS,
    > only "upgrades".
    >
    > As at 9:14AM AESDT, the only options available from the URL
    > given (at least for BlackICE PC Protection and BlackICE
    > Server Protection products) are "upgrades" to latest version.
    > Of course if your version of BICE is "out of maintenance"
    > then you seem to have but three options:
    >
    > 1) Purchase the upgrade (paying for fixes...)
    > 2) Switch to a different vendor
    > 3) Continue to use a vulnerable version of BICE until such
    > time as an exploit is posted to bugtraq. Use your imagination
    > for the next bit.
    >
    > Hopefully I'm just blind and the necessary patches are
    > available, or will be soon.

    Well, I think I'm blind too. Or maybe ISS is. I was denied a patch to fix
    the recent bugs in BlackICE because I haven't purchased their service plan
    this year. Actually, they don't even have "patches"--only full product
    upgrades, like Brad mentioned above. If a customer doesn't want the extra
    bells and whistles (and extra bugs) that come with the new version, then the
    only solution is to find another product (which I hope most ISS customers
    eventually will).

    The old car-with-brake-problems analogy fits nicely here: suddenly someone
    finds out that the car you bought a year ago has a defective brake that's
    been proven fatal, but the car manufacturer tells you that you cannot get it
    fixed for free because you didn't purchase the extended warranty. (??????)

    I wonder if the domain name boycottiss.org is already taken... ;-)

    Marcio Vieira
    Southeast Missouri State University

    -----
    NTBugtraq Editor's Note:

    Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.
    -----

