Re: controversial paper
From: George Ou (533george_ou234_at_netzero234.com)
Date: 09/30/03
Date: Tue, 30 Sep 2003 05:34:11 GMT
On Tue, 30 Sep 2003 01:59:43 GMT, "Rickey Braddam"
<sharedsecrets@earthlink.net> wrote:
>Please don't interpret this as a personal attack. I'll do my
>best to never engage in a personal attack, and rely on the
>others here to point it out to me if I do. As one who makes
>my share of mistakes, and maybe more, I have no standing to
>criticize anyone for making a mistake. I'd just like to see
>(figuratively) you and Doug Gwyn, and maybe a couple others
>whose names don't pop off the top of my head right now,
>shake hands, pat each other on the back, and rejoin the
>group in friendly exchange of ideas.
>
>Rick

Fair enough.

But to be clear, I admitted that I should have said "known" in my
sentences. I just think it is cheap to take advantage of that minor
error in lack of clarity and try to twist some whole new meaning out
of it. I'll be more careful and use "known" in the future.

To sum up my position:

Microsoft, Sun, Oracle, Linux, SAMBA, BIND, Sendmail, IBM, Cisco, and
every other piece of software ALL have vulnerabilities known and
unknown. The current situation is that Microsoft software and OS is
so common that any vulnerability is felt throughout the entire world.
The upside to that is that all these WORMs have had a tremendous
vaccine effect and now Windows systems are the most patched systems in
the world because they will die if they don't. Every other admin and
my own shop have gotten all critical updates installed throughout
their network.

Microsoft in the past put way too much emphasis on ease of
configuration and tried to enable everything but the kitchen sink, and
they've learned a hard lesson for it and have reversed their "default
install" philosophy. Just look at Windows 2003 and how it's locked
down out of the box to the point that it's frustrating to people used
to the old Microsoft.

When I do an audit of most networks, the most blatant vulnerabilities
I see now are the Unix systems running Oracle, Sendmail, Solaris, and
Apache. The most difficult to patch are the Oracle systems
because they're so critical and difficult to schedule an outage, not
to mention that you're afraid you might break something or that
something isn't supported. Some of the other major holes on corporate
networks are Cisco IOS switches. Most companies have patched their
outward facing routers, but they have not done their internal IOS
switches. The fact that the average Joe Smith is not running Solaris,
Sendmail, or some of the other things I mentioned above might seem
like you're safe, but there is no reason Windows WORMS (or whatever
dominant OS of the future) can't be built to jump platforms and attack
everything else. The day that happens, the "unbreakable" crowd is
going to see the face of hell and the illusion of safety in diversity
will be shattered.

George Ou
http://www.LANArchitect.net