----- Original Message -----
From: "Chris Berry" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 01, 2003 1:00 AM
Subject: Re: Ten least secure programs
> >From: Patrick Boucher <[EMAIL PROTECTED]>
> >Greetings,
> >
> >The first one i would use would be "Internet Explorer" There are so many
> >bugs and work around holes.. I think it is worst then Outlook, Or Outlook
> >express.
> >
> >That's my No. 1.
>
> Well, I wasn't concerned with feature or useability bugs, only security
> ones, so I don't agree. If your IE is fully patched and configured it's
not
> that bad. (though I personally use Mozilla instead because of the nice
> features).
>
Why then are you putting sendmail on the list?
Sendmail can be quite secure if kept up to date patchwise and configured
properly (although I'd use qmail or postfix personally).
Same thing with IIS and PHP, if they're patched and well configured, they're
definitely no worse than IE...
I really don't see where you're coming from with this list, you need to
decide on your criteria, and stick to them.
For example,
1. Inherently Flawed (kind of hard to quantify, but I guess outlook's
execute code without user input is probably a good example, or telnet's
complete lack of encryption).
2. Too difficult for beginning user to configure securely (any product badly
configured is a risk)
3. Under a lot of scrutiny for security holes (as many MS products are, like
IE and outlook, IIS, etc).
Each of these has to be considered/balanced when you try and make a "least
secure list", which of these is the most important to you?
> Chris Berry
> [EMAIL PROTECTED]
> Systems Administrator
> JM Associates
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
