That’s scary. One of the first things I did when I started here 12 years ago is take away local admin from everyone. I got some pushback, griping, and even threats initially, but we haven’t had any malware since, and we can directly control what gets installed on PCs. The result is that the systems are more secure, reliable, and cheaper to operate.
From: David Lum [mailto:david....@nwea.org] Sent: Friday, September 07, 2012 10:20 To: NT System Admin Issues Subject: RE: Java vulnerability Q I my environment, anyone, because they’re all local admins. I don’t think it’s entirely my fault, but it’s not because I haven’t tried to change it….the Service Desk guys are unwilling to make the effort and neither is management…I’ve vented about that here before. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]<mailto:[mailto:kennedy...@elyriaschools.org]> Sent: Friday, September 07, 2012 8:56 AM To: NT System Admin Issues Subject: RE: Java vulnerability Q I am betting you intentionally skip over the hidden tidbit in his question. “If a user gets a message from the Java updater, should they accept it…” What kind of user can install a Java update? ☺ From: Ziots, Edward [mailto:ezi...@lifespan.org]<mailto:[mailto:ezi...@lifespan.org]> Sent: Friday, September 07, 2012 11:54 AM To: NT System Admin Issues Subject: RE: Java vulnerability Q I would semi-trust the java updaters, but honestly, I would be pushing java 7 version 7 if you have a centralized platform for software updates. And if you don’t need java on your systems for functionality, remove it altogether. Z Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org<mailto:ezi...@lifespan.org> From: David Lum [mailto:david....@nwea.org]<mailto:[mailto:david....@nwea.org]> Sent: Friday, September 07, 2012 11:37 AM To: NT System Admin Issues Subject: RE: Java vulnerability Q Thanks. If a user gets a message from the Java updater, should they accept it if it’s verified from Oracle, or is that potentially an exploit? From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Friday, September 07, 2012 8:31 AM To: NT System Admin Issues Subject: RE: Java vulnerability Q Most times it’s a keylogger or other malicious code downloaded from multiple sources that will hook processes inject into other processes (legit) and try to remain persistent. If you can disable java invocation in the Internet Zone, which will stop the drive-by’s for the time being. Z Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org<mailto:ezi...@lifespan.org> From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]<mailto:[mailto:kennedy...@elyriaschools.org]> Sent: Friday, September 07, 2012 11:14 AM To: NT System Admin Issues Subject: RE: Java vulnerability Q The exploit is used to drop code on the target. That is how most of the exploits that you hear about are used. It isn’t that I use Java to get your password….I use Java to drop a keylogger on your box to get your password…for example. So you are looking for what they dropped. From: David Lum [mailto:david....@nwea.org] Sent: Friday, September 07, 2012 11:09 AM To: NT System Admin Issues Subject: Java vulnerability Q If a system has been compromised by the latest Java exploit – how would someone know? What would you look for? David Lum Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ________________________________ This e-mail may contain information that is privileged and confidential, the disclosure of which is governed by applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of the information is strictly prohibited. E-mail is inherently insecure and Panorama Orthopedics & Spine Center will not accept responsibility for any disclosure or loss of information as a result of this electronic communication. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
