But are you sure that MS has all of the bits in place to protect your
network? They may have been infected because of something that has been
overlooked, and not because one of their sysadmins was playing quake.
They may have all of the patches they have in place, but were still hit
from the side door. If they overlooked it for themselves, how can you be
sure all of the patches you have will sort you out?
I don't agree that sysadmins have been dropping the ball lately either.
There is more than one ball to carry in most cases, and the trick is
keeping them all up in the air at the same time. It is much easier to
secure a small system than a large one as well, which only adds to the
challenges we all have the pleasure of dealing with daily.
I fully agree that we should always be prepared for all known threats,
but the key work there is known. I certainly don't know all of the
threats out there, and have to take MS on faith in terms of what Service
Pack or hotfix I need to protect my systems, so I hope they were lazy on
their end, at least that way I know we are cool here. If they had all of
the patches in, and still got it anyways, then I guess we are all in for
some long nights.
Clayton Doige
IT Manager MCSE, MCP + I
Gameday International N.V.
Bound in a nutshell, King of infinite space...
T: +5 999 736 0309 ext 4537
C: +5 999 563 1845
F: +5 999 733 1259
E: [EMAIL PROTECTED]
-----Original Message-----
From: John Hornbuckle [mailto:[EMAIL PROTECTED]]
Sent: September 20, 2001 11:42 AM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda
What conclusions am I jumping to, and what releases do you presume I'm
not reading?
And you're correct... There IS a difference between a large organization
and a school district. The difference is that the large organization has
a greater responsibility to ensure security--not to mention vastly more
resources with which to do it.
I'm sorry, but I think sysadmins have been dropping the ball too much
lately. Again, I know we're not all perfect. I'm sure there are
vulnerabilities my servers have that I've missed. I know that if anyone
wanted badly enough to get into them, they would find success. But I
also know that we've not been vulnerable to Code Red, Code Red II, or
NIMDA because we've stayed up-to-date on patches and general security
issues.
We all know the saying: Fool me once, shame on you. Fool me twice, shame
on ME.
Code Red should've been a wakeup call to sysadmins everywhere
(personally, I was already awake because a prior hack attempt months
earlier had been MY wakeup call). Apparently, some people didn't learn
their lesson, though, and still had unpatched servers. What's their
excuse--particularly in a large company?
________________
John Hornbuckle
Network Manager
Taylor County School District
318 North Clark Street
Perry, FL 32347
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 12:20 PM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda
I think it best that you read the releases. That way you will have a
better grasp of how the Virus/worm spreads and will not jump to
conclusions. Granted you have a point but I am sure that the differing
methods in which a large organisation works and a school cannot be
compared.
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
