TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Hi tai,
Hope this helps; there are still CLI available on the System Scanner agents
side.
though this is limited as it is mainly use for management
task..scanning..managing baseline.
IF need be, write a simple Java-based GUI to utilise this CLI. This is the
method ISS is using for their Sensor Manager for RealSecure.
Guess this been available, ISS would not want to develop UNIX-based GUI
since UNIX has better remote managment ability than NT.
The other reason is reporting tools such as Crystal reports are created
mainly for desktops.
Totally agreeable on the engineers and business precedence over security
statement...sad to say IT or engineering careers always demands the most out
of anyone's personal time and life. Business always rules and security as an
afterthought ...sad reality and total diasaster when business is affected
due to this oversight.
Lastly, it is really a business case for a feature to be included. I have
asked previously and presented with the following task...
You will need to reflect the size of deployment; corporate implications
faced and probably expected development path eg. growth
If you can consolidate this data for your organisation; push it through to
your management; get someone higher up to sign off...
That will be a case for ISS guys to take note and get funds and manpower
into the development task.
regards
J
----- Original Message -----
From: "tai" <[EMAIL PROTECTED]>
To: "Johnny Kho" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, July 21, 2001 7:40 AM
Subject: Re: Quick question about system scanner
> All,
> I hope some of these public responses (and I wish I can print the
> private responses to myself) show ISS that there is a healthy interest in
a
> Unix based solution for System Scanner as well as the possibility of using
> another database such as Oracle for backend db work.
> This particular reply is a little off topic, but I feel that it
> needs to be mentioned.
>
> On Thu, 19 Jul 2001, Johnny Kho wrote:
> > I think the first mistake you made is to come on this forum shooting
without
> > even checking your rounds...NOT even testing the software!!!
>
> I came here to find out more. My team had already worked on the
> architecture, and have ran it by ISS and they ok'ed it. My complains have
> nothing to do with usability, but with the architecture. Again (and this
> is my personal opinion - and I do have significant NT support background,
> and I _am_ able to secure it), you DO NOT deploy a major security
> infrastructure on NT simply because NT will always contain components that
> are not necessary for a server (ex: "desktop", "active desktop", IE and
> activeX availability, and a multitude of other components that gets
> installed even though it is not used most of the time).
>
> > We can never be totally-biased against any software; everything has its
> > merits and if you are looking for a perfect solution, no way you can
find it
> > in any off-the-shelf software without customisation. Everyone's needs
> > differ. Then again, solutions are a combination of technology and human
> > intelligence so these are merely tools.
>
> This is a straw man. Remember, ISS _threw away_ unix support that
> was available. I agree that "console" is best suited to an NT environment
> because that's what 90% of the desktops are running. But backend
databases
> and all the other controlling agents and whatnots are not best suited for
> NT. Many major datacenters do not run NT. We would have had System
> Scanner *DEPLOYED* already the moment it came out, if it were Solaris or
> HPUX based (even linux). We are STILL trying to push out our current SS
> architecture and getting push back from the datacenter owners. I am NOT
> looking for the perfect solution. And the problem is that SS CANNOT be
> customized to work in my datacenter.
>
> > Information Technology is all about exploration of possibilities; that
is
>
> NO. Information Technology is all about using information and
> technology to supply a solution to your needs. Exploration of
> possibilities is left to Research and Development groups. IT is about
> _APPLICATION_ of technology. Which, in this case, in my opinion, is badly
> done (note, this has nothing to do with the people/support from ISS, which
> is very good from my company's experience).
>
> > the true spirit of IT professional.
>
> As someone who is trained as an engineer (BS Civil Engineering),
> _I_ want to build systems that are stable, systems that I can be proud
> of. When you put up a bridge, there is no such thing as "hmm, let me try
> that, seems to work, ok, lets deploy". You make damn sure your bridge is
> capable of staying up, or people will die. I find it truly appalling that
> much of the so called Information Technology professionals (not you
> personally, I'm talking in general) do not understand the technology that
> they are supposed to be experts in, and do not care. In this category
goes
> the Microsoft company. Individual contributors may not be, but the
> corporate culture is definitely like that. For those who disagree, check
> out the book "The Software Conspiracy" by Mark Minasi. In it, he
> interviews senior management folks at companies like Microsoft and
> Netscape, and got their permission to quote them! And they are quoted as
> saying that security is not as important as new features, that some push
> out software as it compiles, not bothering with any designing (re: the
> latest mess with Adobe's ebook) or testing or other things you're taught
in
> your basic programming class.
>
> My Civil Engineering professor, in my first class, basically told
> us that there are two kinds of engineers. On a Friday afternoon, you're
> preparing to go for a barbeque/ballgame/party. Latest design changes to a
> wing comes in. Do you just sign off on it, or do you spend the weekend
> checking out the wing design, to make sure it meets all the requirements?
> If you're the first type, my professor asks you to go into business or
arts
> or comp science. My chosen profession is IT. I ask those who will just
> sign off to go into sales or something else.
>
> > Constructive suggestions are always
> > welcome and I believe developers will take heed to them.
>
> Yes, they're pretty responsive actually. But in this case, I do
> not think it was the engineers/developers fault, but that the management
> made the call. It is up to us, the users, to tell ISS that it is the
wrong
> call. I have spoken up. A couple of others have spoken up. Some have
> emailed me privately. Is this going to change ISS's position? Heck
> no. Only when everyone who wants to run a Unix version has spoken, and
> together, will ISS management make that kind of a change.
>
> > ISS developers have proven this point in the release of RealSecure 6.0
with
> > quite a fair bit of end-user wish-list answered. Be constructive and
write
> > to [EMAIL PROTECTED]
>
> I did. They replied saying they are not interested. However, when
> I spoke with their technical person, they said that there is some interest
> from a number of users.
>
> > cheers and all the best in exploring the use of System Scanner...
>
> Thanx.
>
> -Tai
> --
> http://philip.greenspun.com/bg/
> http://www.vcnet.com/bms/features/serendipities.html
> http://www2.hunter.com/~skh/humor/admin-horror.html
> http://www.despair.com/demotivators/cluelessness.html
>
>
