Re: How do you patch yours? (was: Monitor Services on Windows machines)

From: Avleen Vig (lists-bugtraq@silverwraith.com)
Date: 02/27/03

  • Next message: Marc Fossi: "Re: DMZ boxes in the domain - Bad moderator"
    Date: Thu, 27 Feb 2003 01:53:11 -0800
    From: Avleen Vig <lists-bugtraq@silverwraith.com>
    To: Tommaso Di Donato <t.didonato@artespa.it>
    
    

    On Thu, Feb 27, 2003 at 10:35:18AM +0100, Tommaso Di Donato wrote:
    > Hi all!

    Hey Tommaso, you sent this to only me. I think you meant to send it to
    everyone :-)

    > >Windows 2000 gave us the 'indexing service'. a) this hurt performance,
    > >and b) in the majority of situations it was completely unnecessary.
    > >How many people here install a Windows servers an leave the indexing
    > >service turned on?
    > I do not agree completely... I don't think Microsoft helps sysadmins to
    > know exactly that they can switch off the service, w/o compromise the
    > funcutionality. Every time you do something out of the wizard, you receive
    > drastic pop-ups telling you that you are about to die!!!
    > I think every one out there could understand what I mean...

    It is not up to Microsoft to educate you. It's up to you to educate
    yourself.
    Microsoft cannot know to what extend you need to be educated. Yes, they
    could release a *LOT* more information on how the different parts of
    their operating systems interact, enough information that you are able
    to work out on your own what the end result would be. I see no reason
    for them not to do this, from a technical OR business perspective.

    But still, the eduction in either scenario is your responsibility. If
    you administer systems, no matter what the OS, it's up to you to try
    different things, to deliberately try and break things, in order to
    understand what the limits of your system are.
    This extends far beyond security, into the basics of being a good
    administrator. If you don't have these skills or the time to learn them,
    well.... that's another discussion.

    Putting general administration aside and focusing on security again,
    when a new "feature" is introduced, you need to gather as much
    information on it as you can, then apply it to find out if the "feature"
    is required or not. Really you only need to consider the security
    implications in depth if you decide the feature is required and so must
    stay on. If it's not required, you turn it off.
    I also disagree that eduction as you imply for these new features, is
    hard to come by. It's not really. The MS KB is a good start, and
    google+usenet have always given me what else I need.



    Relevant Pages

    • Access 2007 unable to digitally sign accdb files
      ... Access 2007 has removed digital signing feature for accdb and accde files. ... the only way to silence Microsoft's security nagging is asking every user to go through a 5-step procedure to set up a trusted location, and then store the accdb file there. ... Microsoft's security message mess once and for all. ...
      (microsoft.public.access.security)
    • Bypassing SMTP Content Protection with a Flick of a Button
      ... How about using Outlook Express as ... more than an Outlook Express client and employs a rarely-used feature ... This RFC documented feature called "Message Fragmentation and ... comprehensive security policy to restrict potentially harmful content ...
      (Bugtraq)
    • [VulnWatch] Bypassing SMTP Content Protection with a Flick of a Button
      ... How about using Outlook Express as ... more than an Outlook Express client and employs a rarely-used feature ... This RFC documented feature called "Message Fragmentation and ... comprehensive security policy to restrict potentially harmful content ...
      (VulnWatch)
    • Re: Error
      ... for example I added this feature to our custom web app framework. ... any application will have stronger security settings right out of the box. ... risking the security of your customers websites. ... >>>>thrown and the request is aborted. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Linux 2.4 usage statistics
      ... feature freeze anyway), but it helps me know your usage better, to try ... mission-critical (you may loose your job if it fails too often)? ... security-critical? ... drivers not existing anymore in 2.6? ...
      (Linux-Kernel)