North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT)
- From: Brian Russo
- Date: Mon Apr 19 06:29:31 2004
At Mon, Apr 19, 2004 at 06:12:16AM -0400, Chris Brenton wrote:
>
> Key word here is "essentially". I've been involved with about a half
> dozen compromises that have been true zero days. Granted that's less
> than ground noise compared to what we are seeing today.
There're a lot more 0-days than that. They just tend to remain
within a smaller community (typically the ones who discover it) and are
used carefully/intelligently for compromises, often for a very long
time. Then it gets leaked by someone and released into the wild/script
kiddie community or someone else discovers it...
(more for benefit of others than a response to you)
> Also, don't underestimate a person's ability to shoot themselves in the
> foot. Windows 2003 server, out of the box, is technically one of the
> most secure operating systems out there because it ships with no open
> listening ports. Based on the auditing I've done however, it ends up
> being deployed even less secure than 2000 because a lot of admins end up
> doing the "turn everything on to get it working" thing. An uneducated
> end user is not something you can fix with a service pack.
Agreed, and even conscientious users screw up. I did this some months
ago when installing MS SQL Server Desktop Engine from a third-party CD
(packaged with software). This was well after the whole Slammer affair,
memories fade and I didn't stop to realize they used the same
codebase.... (oops)
- bri
|
