Bear in mind that SUS only supports OS patches. Application patches, Service
Packs, etc. are not handled by SUS.
http://www.microsoft.com/windows2000/windowsupdate/sus/susfaq.asp
This does NOT mean that SUS isn't useful, only that it does have limitations
(e.g It can't be used for MS Office, which
Chris,
Have you considered approaching upper management with a basic cost/benefit
analysis?
Obviously, if you can't justify the cost of replacing their favorite products
with more secure alternatives, your project is doomed from the beginning. It
doesn't matter if Outlook Express is the most vulner
Tim,
Would you then consider proper implementation to be in accordance with the
vendor's recommended guidelines and practices?
As an example (based on one of the debated products here), if one selects the
default installation for IIS (through 5.0), many vulnerabilities are left open.
However, Micr
I consistently saw this with FPort 2.0 running against NT 4 systems. Backed up
to version 1.33 and ran with no problems.
I never really pursued what the issue might be with 2.0, but it apparently has
problems with at least some 4.0 configurations.
hth,
Charlie
Hellraiser wrote:
> I seems that no
Toni, David...
Have you (and your respective staffs) considered a compromise?
I don't know precisely how widespread business IM use is, but it is an expanding
market. If your end-users (and by extension, IT staff) see it as a business
requirement, it seems to me that the "battle" has already been
Tiag,
The next question I would ask of you is "Why do you feel you need a
DMZ?". Others have replied with the definition (and basic layouts) of
a DMZ. While you're certainly looking at securing things, your posting
appears to be (as others have noted) confusing the terms DMZ and
firewall. The
Muhamad,
MBSA is based off of HfNetchk. As such, it's "target" install section is the Security
Bulletins section rather than Windows Update. While it *does* detect items often
installed via Windows Update *and* replaces the Personal Security Advisor,
the tool checks much deeper than the analysi
Timely posting for me Daymon, this is something I'd like to hear opinions on...
I personally am not conceptually fond of password management systems. Admittedly
I only have a few passwords to remember (less than 10), but paranoia suggests to
me that having such an app on your system is simply an
I have seen some messages in the Microsoft IIS and security news groups
on opeing up specific .exe's via URLScan.
Although the solutions were rather convoluted, you may want to check
some of the groups there and post a question or two. I haven't worked
with URLScan to the depth of knowing this on
Morning Math,
In the past there have been significant differences between the the two. MS is
doing a better job of providing security patches through Windows Update, but
(last time I checked) there were still some differences.
You best bet (for now) is to "rely" on Windows Update for everyday t
There are also a couple of third-party products out now as well..
UpdateExpert (sp?) and hfnetchk pro (Shavlik Tech.) are the first two that come
to mind.
I have not tested with either product (although I'm sure anyone in an MS shop
has been using regular hfnetchk by now).
Like Eric I've been us
durga,
You're being hit by NT/2000 worms looking for IIS vulnerabilities. Sadly,
one more negative effect of the cretins who wrote these things...
Charlie
[EMAIL PROTECTED] wrote:
> Hi gurus
> one of my apache servers is being bombarded by some IPs (in different
> ranges) trying for a root.exe
Len,
I would add only one thing
Attacking any box that does not belong to you (random or otherwise)
without the express permission of the owner is not an acceptable practice.
Charlie
leon wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi,
>
> Here are my thoughts:
>
> First o
13 matches
Mail list logo