Re: Securing a Windows 2003 server
chris_at_nospam.com
Date: 05/08/04
Date: Sat, 08 May 2004 19:25:18 GMT
On Thu, 6 May 2004 08:11:34 -0500, "Phillip Windell" <@.> wrote:
><chris@nospam.com> wrote in message
>news:oeoj90tp143bqt8gll17huh7vtmthumatu@4ax.com...
>> Really? I think you'll find that Microsoft is the worst for lead
>> time to issue patches once notified of a vulnerability.
>
>No, that isn't the case. MS has much more resources concentrated in one
>location to be able to respond quickly. Linux has no "owner" and has no
>company or organization "responsible" for making corrections so a lot of
>time is lost before anyone figures out who is going to be the one to fix it.

I don't buy that. I repeatedly see where MS was apprised of a
vulnerability and takes their sweet time to respond. There is usually
a big difference between when MS learns of the problem and when/if it
is announced. MS is also guilty of quietly fixing unannounced
security vulnerabilities and bugs without ever letting the public know
they should update.

Contrary to your belief, Linux kernels, drivers, and all packages do
have owners. They just aren't the same corporation. Of course this
is true of Windows as well. No one group at MS owns Windows. For
example the Win9x group never coordinated very well with the NT/2K/XP
group, who never talked to the MS Office group, etc.

>> As for number of vulnerabilities found, Linux has more found this year
>> than Microsoft. Of course the severity of the MS ones have generally
>> been worse by allowing complete remote takeover, whereas the bulk of
>> the Linux ones required a local attack.
>
>The term "complete remote takeover" is exaggerated and overused and
>particularly worse,..."undefined". Those security bulletins are almost
>like "form letters" that keep using the same "scary" terminology without
>ever explaining what it really means. I have yet to see a vulnerability
>that will grant an attacker "PCAnywhere-like" abilities on the machine. I
>have met some of those who actually write those bulletins and although I am
>convinced they are diligent and committed to doing a fine job, their
>terminology needs to be defined much better and less vague.

I do agree that the average user has no clue what a buffer overflow
is. They don't need to. They just need to know they've gotta be
religious about updates and installing additional protections above and
beyond what MS provides (antivirus, a better fw, etc). I would hope
the security bulletins make sense to you, given the credentials you
cite in your sig. Esp the CCNA - I give zero credibility to the MS
ones.
-Chris
Just look at the recent MS viruses that set up a command shell on a
network port. That's complete control in my opinion. At that point,
the system is wide open and it's a very minor step to upload and
install a remote control software such as BO.
-Chris