Re: [NTLK] trotter [OT] Security

From: Ed Kummel (tech_ed_at_yahoo.com)
Date: Thu May 23 2002 - 15:34:06 EDT

All OS's are insecure out of the box. Without
exception. All this has done is show that there are
people out there who say they know what they're doing
when indeed they aren't. Nimda took advantage of an
exploit in Solaris servers that had a patch written
for it over a year earlier! Why didn't these Solaris
machines get patched? Because the so-called admins
didn't believe that security was a priority, or their
own ego got the best of them with believing (like most
Un*x admins) that nobody was smart to exploit *their*
servers...
Now, security is a hot-button! And especially in the
wake of 9/11, it's a constant battle to maintain the
security of your servers! I personally don't have a
problem with security. I'm smart enough to make sure
that my machines are secure beyond the patching
needed. Using some self developed methods, firewalls,
NATting and tools that Microsoft is supplying (the
MBSA is a really good tool along with URLScan, both
from Microsoft. I also run AdAware as well!) I feel
quite safe in that my machine can thwart existing
exploits and even future exploits! It's not difficult
to do, but apparently most admins out there in the
internet just aren't smart enough to "lock their own
doors!" this is evidenced by the fact that there are
so many machines being exploited! When I buy a house,
it comes with a lock on the door. It isn't locked when
I walk into the house, but you can bet that when I go
inside, or leave it unattended, the door is locked,
dead-bolted and an alarm is activated. Just basic
security!
Sorry about the rant...
BTW, if someone wants to talk off-list about this, I
do have an innovative security method for Windows
machines to be bullet proof against almost any kind of
exploit, present or future!
Ed
web/gadget guru
http://newton.tek-ed.com (download Newton packages)
http://npds.tek-ed.com (my NPDS server and it's new
subdomain)
--- richard_at_cyberphotographer.com wrote:
>
> > > My mistake, sorry. Dang - another chance to
> slag off the evil empire
> >> thwarted.
> >
> >Hmm, with Ed as the Microsoft Defender(sic), and
> knowing his attention to
> >details, you'll find it hard to slap Micro$oft at
> all...
>
> I suppose I'll just have to leave it to the US gov
> and States. Er, on
> second thoughts maybe the code red/nimda kiddies are
> doing a better
> job.

=====
Roll that beautiful bean footage!
- Jay Bush (Bush's Baked Beans)

__________________________________________________
Do You Yahoo!?
LAUNCH - Your Yahoo! Music Experience
http://launch.yahoo.com 

-- 
Read the List FAQ/Etiquette: http://www.newtontalk.net/faq.html
Read the Newton FAQ: http://www.guns-media.com/mirrors/newton/faq/
This is the NewtonTalk mailing list - http://www.newtontalk.net

This archive was generated by hypermail 2.1.2 : Wed Jun 12 2002 - 20:02:40 EDT