Re: Security Issues with NT4 being no longer supported.

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 11/29/04

  • Next message: Jordan: "Re: Security Issues with NT4 being no longer supported." 
    Date: Mon, 29 Nov 2004 00:03:07 -0700

    "S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
    news:eCitsCa1EHA.936@TK2MSFTNGP12.phx.gbl...
    > Hi Karl:
    >
    > "Karl Levinson, mvp" <levinson_k@despammed.com> wrote in message
    > news:#lEaLaM1EHA.2156@TK2MSFTNGP10.phx.gbl...
    >
    > > As you may know, NT4 server is still supported, e.g. security patches
    are
    > > still being created.
    >
    > According to this:
    >
    > http://support.microsoft.com/default.aspx?scid=fh;[ln];LifeWin -
    >
    > incident and security related hotfix support for Windows NT 4.0 Server
    (all
    > versions) expires 31 December this year. Non-security support is history.
    > Paid support options don't give a lifeline, to my best knowledge.
    >
    > If NT server is exposed to Internet in any function (Web server, VPN,
    mail),
    > I'd suggest - upgade now. Risks of leaving the servers exposed to the
    > Internet cannot be effectively managed, considering potential of another
    > critical vulnerability. Inside the perimeter fence, the situation is
    little
    > better.
    >
    >

    A little better, but if the fence basically is a separator where a
    major percentage of those within are actually outside (i.e. VPN'd
    in) . . . then that little better is arguably very little better.

    If I recall, there is at least one RPC based vulnerability to denial
    of service for which NT is not / cannot (reasonably) be patched.
    This, and similar likely to eventually surface, along with inability
    to support newer .Net based software, seem to me to argue in favor
    of updating, and may indicate total cost may be less from doing so
    sooner than the inevitable later. 

    -- 
Roger Abell
  • Next message: Jordan: "Re: Security Issues with NT4 being no longer supported."

    Relevant Pages

    • NFS locking
      ... We have a NFS server here with a fairly high load. ... lockd: server xxx.xxx.xxx.xxx not responding, ... # ACPI Support ... # CD-ROM/DVD Filesystems ...
      (Linux-Kernel)
    • NFS problems with through 2.5.x to 2.6.0-test9
      ... When the server is running the ... kernel, as a client the 2.6 series seem to work perfectly, excluding ... Interesting problem arose when I attempted switch the server's kernel to ... with and without nfsv4 support compiled in (was considering testing it at ...
      (Linux-Kernel)
    • RE: Backups, VSS and SBS2003 HELP NEEDED!!!
      ... 2K3 server currently, also, I understand that it is better to have a backup ... Support Professional can assist with your request. ... Microsoft CSS Online Newsgroup Support ... >> suggest customers Only install Windows Server 2003 SP1 on their server. ...
      (microsoft.public.windows.server.sbs)
    • RE: Sharpoint Error in SBS 2003
      ... Have you upgraded the Sharepoint WMSDE to SQL server? ... A supported hotfix is now available from Microsoft, ... contact Microsoft Product Support ... Please paste all the accurate errors information in the newsgroup. ...
      (microsoft.public.windows.server.sbs)
    • Re: Im stuck - Weird behaviour on multiple Server 2000 DC/member servers.
      ... > I've checked the server environmant variables and "Path" includes ... > A third server (THLADL2) has started this behaviour - this server already ... > has SP4 installed so Microsoft Support suggested I install Security Rollup ... > Event Type: Warning ...
      (microsoft.public.win2000.general)