Re: Microsoft Can't Win.

From: Daniel David Benson (dan@spoontail.com)
Date: 10/09/01 

Date: Tue, 9 Oct 2001 13:25:32 -0700 (PDT)
From: Daniel David Benson <dan@spoontail.com>
To: Wim Remes <wim.remes@skynet.be>
Subject: Re: Microsoft Can't Win.
Message-ID: <Pine.GSO.4.21.0110091317280.22140-100000@dudester.spoontail.com>

> 1. Whether you are working with MS products, xNIX, AS/400,Netware, ... you
> will always need a firewall, IDS, ...
> those TOOLS were not invented to protect MS powered environments, they were
> developed to protect data.
> Firewalls will never become MS powered, since those who make the decisions
> KNOW what to choose for
> their money.

Totally and completely disagree. Firewalls are a good thing but they
also can make admins very lazy with host based security. Firewalls
are not an absolute. Host based security is without a doubt needed.

> 3. What is the use of bringing in a PFW if the user himself (or herself for
> that matter) does not even relate to the
> whole security idea. I have problems selling security solutions to
> IT-managers, let alone selling it to home-users. ROFLMAO.

This coincides with my point above. Microsoft has a duty just as much
as Sun, RedHat, etc do, to keep host based security in mind. I'm not
saying MS is any better or worse than the others, but it's something
that must be done.

> 4. There still is a relation between Security and Productivity. An OS
> that's regarded as secure (an OS can never be 100% secure)
> can not offer the same level of operability. That's the way it is, that's
> the way it'll always be.

Definitely agree with you here. This is called job security for us
admins.

> 5. MS has done great things to bring computers to the clerk's desk! I'd dare
> say more, if it weren't for MS, there wouldn't even
> be Linux!

Ummmm...no. The only thing Linux and MS Windows have in common is that
they are both operating systems.

-Dan

Relevant Pages

  • Re: Defense in Depth
    ... What is meant by "layers" of security, is this: the entry points that must be ... Physical Layer - Physical access to the resources. ... attacks and other attacks that go after the software itself. ... "layer" in one long chain (lots of firewalls). ...
    (Security-Basics)
  • RE: Wireless Security for Home Users
    ... for most home users to create and/or manage 2 firewalls and a DMZ. ... As with most network security, ... investigate additional security features available from the WAP ...
    (Security-Basics)
  • RE: [Full-Disclosure] RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
    ... > 1) I don't trust MS products for security related tasks. ... firewalls running on NT? ... necessary steps to mitigate the risk and protect yourself. ... We still had six boxes hit. ...
    (Full-Disclosure)
  • RE: IDS is dead, etc
    ... Most firewall logs are just as tough to decipher as IDSs. ... Automated security analytics is a tough animal I don't care what the system. ... firewalls and IDSs, not just IDSs. ... There is no solution to these problems, therefore IDS is dead and we ...
    (Focus-IDS)
  • PenTest Checklist
    ... wanted to know what your favorite tools/methods are for testing methods ... F- Web App Testing - tests website as an application for security holes, ... all firewalls should be tested together and ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
    (Security-Basics)