I am happy to say my settings are always up on the browser and gladly
it does kill the flash...
I like a fair percent of the technobabble bunch probably am not
typically interested in how many times folks can slide their logo or
plop out pure marketing :) Flash that isn't optionally sent isn't
cool.. and indeed maybe this whole thing migh cause people to integrate
flash selectively :)
We likewise have got calls when our clients opted to utilize a self
signed cert because of cheap factor vs. teh Verisign use-to-be
overpriced monopoly :) At any rate, same sort of general panic and
general calls...
I have been running IIS for years... I use to be a Website Pro person
myself.... I run IIS because of the easy of installation and rapid
knowledge base I have accumulated... I only utilize it to serve pages,
log the accesses and interface with Cold Fusion... but indeed I
finally got my first viral infection in my 14+ years of computing...
Running away from IIS is not the solution. One of Microsofts big
problems right now is the overbearing loopiness of patching a system..
do this and that.. and that patch undoes this... it is almost an art to
make sense of....
IF I WERE MICROSOFT, I would issue the patches and start issuing
frequent all inclusive update bundles that knock it all out... this
piecemeal stuff is really getting to people... AND quit NEEDING A DAMN
reboot every time I patch something... stop the service and unload and
reload... I rebooted one machine about 14 times the other day issuing
each patch... I certainly am considering switching in part due to
that.. Heck I might even end up running my front end web servers on
Linux with Apache again...
I personally can attribute 3 full work days over the last quarter to
patching IIS and addressing the strand of Virus stuff floating
around... I encourage folks to install some monitoring packages...
Install virus software and scan regularly... run backups often enough
and keep track of your systems... Indeed this concept of plug in and
run forever is utopian from the hosting perspective... We all need to
be a bit more aware of what our machines are talking to and who is
talking to them... the ingenuity behind them is only going to get
better and certainly is not going to stay isolate to MS stuff..
-paris
[finding the future in the past, passing the future in the present]
[connecting people, places and things]
-----Original Message-----
From: "Benjamin Falloon" <[EMAIL PROTECTED]>
Date: Wed, 26 Sep 2001 11:59:19 +1000
Subject: Re: Check out what Gartner is recommending. Drop IIS!
> I've resent this email because it didn't go through earlier...
>
>
> Very good intelligent responses Rey and Dave.
>
> Ultimately it comes down to responsible management in the form of
> expertise
> as you both allude to. I think you have a good point though Dave in
> saying
> that IIS is maybe a little over-loaded. I read a report from some
> people
> administering army.mil (or something like that) just today and it's
> conclusion rested on the same principle of awareness. Interestingly,
> there
> conclusion was the in order for your 'average' set-up (read - no
> frills) the
> most 'secure' server set-up (being less exposed) would probably be a
> Mac
> with a vanilla web server.
>
> This issue is so multi-faceted that it's impossible to cover specific
> needs
> and unwise to generalise to much. One major issue in light the recent
> Nimda
> worm is that because there are many irresponsible IIS admins these
> type of
> worms can spread even further and faster than before. An unfortunate
> side
> effect was articulated by our colleagues on one of the flash lists
> that
> people were being encouraged to increase there IE security settings
> to avoid
> the infected servers (caused in part by IIS in combination with
> ActiveX -
> both MS). The side effect being that people visiting flash sites were
> getting security 'warnings'. I've had one of our clients call citing
> people
> not wanting to enter the web site because of these warnings.
>
> If as you suggest Dave, these 'features' could be by default turned
> off then
> maybe that's a start... But it seems to me that MS is being targeted
> more
> than anything else and its counter productive to the development
> community
> if MSs own software 'features and flaws' starts interfering with our
> work in
> other way then just security (as the flash example shows).
>
> Benjamin
>
>
>
> ----- Original Message -----
> From: "Rey Bango" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Wednesday, September 26, 2001 6:45 AM
> Subject: Re: Check out what Gartner is recommending. Drop IIS!
>
>
> > > My point is that you would have less exposure to risk running
> alternatives
> > > because they aren't a massive target like IIS is.
> >
> > Sorry bud but you're exposed with every server. I've got a T1
> running in
> > here and I scan the logs. I get probed all of the time on all
> different
> > types of ports and as I mentioned before, MS is just the flavor of
> the
> > month. Don't be surprised that while everyone is making a big deal
> about
> > IIS, someone's alrady coming out with a new worm for Linux. There
> was a
> nice
> > juicy one just awhile ago that really slapped around several Linux
> admins.
> >
> > You are exposed at the moment that you connect *any* server or pc,
> with
> any
> > OS, to the Net and to assume that you would have less exposure to
> risk by
> > not using MS/IIS would be naive. *YOU* are the main determining
> factor in
> > how secure your box will be. Yes, applying patches is a PITA but
> its part
> of
> > what goes with running a publicly accessible web server.
> >
> > Here's my take on this, irregardless of OS. If a person does not
> know how
> to
> > properly manage their box or doesn't have the time to do it, then:
> >
> > 1) They shouldn't be putting it out on Net or
> > 2) They should hire someone to do it.
> >
> > The management of a webserver is essentially a full-time job and
> most
> people
> > treat that responsibility in a half-ass way. Then, when they get
> hacked,
> > they blame the OS. Its like raising a child. If you're not prepared
> to do
> it
> > the right way, then abstain, wear protecion or stay celebate! hehe.
> >
> > Thanks for the opinions, bud.
> >
> > Rey...
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
