Re: How do you patch yours? (was: Monitor Services on Windows machines)
From: Avleen Vig (lists-bugtraq@silverwraith.com)
Date: 02/27/03
- Previous message: Robert Formanek: "Re: Monitor Services on Windows machines"
- Maybe in reply to: Avleen Vig: "How do you patch yours? (was: Monitor Services on Windows machines)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Feb 2003 01:53:11 -0800 From: Avleen Vig <lists-bugtraq@silverwraith.com> To: Tommaso Di Donato <t.didonato@artespa.it>
On Thu, Feb 27, 2003 at 10:35:18AM +0100, Tommaso Di Donato wrote:
> Hi all!
Hey Tommaso, you sent this to only me. I think you meant to send it to
everyone :-)
> >Windows 2000 gave us the 'indexing service'. a) this hurt performance,
> >and b) in the majority of situations it was completely unnecessary.
> >How many people here install a Windows servers an leave the indexing
> >service turned on?
> I do not agree completely... I don't think Microsoft helps sysadmins to
> know exactly that they can switch off the service, w/o compromise the
> funcutionality. Every time you do something out of the wizard, you receive
> drastic pop-ups telling you that you are about to die!!!
> I think every one out there could understand what I mean...
It is not up to Microsoft to educate you. It's up to you to educate
yourself.
Microsoft cannot know to what extend you need to be educated. Yes, they
could release a *LOT* more information on how the different parts of
their operating systems interact, enough information that you are able
to work out on your own what the end result would be. I see no reason
for them not to do this, from a technical OR business perspective.
But still, the eduction in either scenario is your responsibility. If
you administer systems, no matter what the OS, it's up to you to try
different things, to deliberately try and break things, in order to
understand what the limits of your system are.
This extends far beyond security, into the basics of being a good
administrator. If you don't have these skills or the time to learn them,
well.... that's another discussion.
Putting general administration aside and focusing on security again,
when a new "feature" is introduced, you need to gather as much
information on it as you can, then apply it to find out if the "feature"
is required or not. Really you only need to consider the security
implications in depth if you decide the feature is required and so must
stay on. If it's not required, you turn it off.
I also disagree that eduction as you imply for these new features, is
hard to come by. It's not really. The MS KB is a good start, and
google+usenet have always given me what else I need.
- Next message: Marc Fossi: "Re: DMZ boxes in the domain - Bad moderator"
- Previous message: Robert Formanek: "Re: Monitor Services on Windows machines"
- Maybe in reply to: Avleen Vig: "How do you patch yours? (was: Monitor Services on Windows machines)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
