On Tue, Jul 01, 2003 at 12:28:37AM -0700, Vic Parat (NSS) wrote:
> I would definitely question some of your choices (is Apache more secure than
> IIS?) but I think top honors for "the ten least secure computer items" is an
> under qualified system administrator. This also makes this "top ten" list
> kind of pointless and highly subjective because proper configuration is
> everything in security and a properly configured IIS box is by far more
> secure then an improperly configured Apache box. Same goes for Sendmail or
> Exchange or Notes or....
> Also, how did you come up with the list? You say "worst offenders", what
> are your facts? I think your question should be more in line with "what's
> everybody's least liked computer item in terms of security" than the least
> secure. I don't think anybody (outside of the government) has a truly
> objective, well researched list to answer your question as it currently
> stands.
>
>
I concure with Vic as I would list sendmail up there but know of friends
(Knock on wood) that have never had a sendmail exploit in thier life.
Thats saying a lot when they can recieve 1200+ emails per minute at
peek. I'd more or less set up guidelines, no icq, aim, msn unless it's a
must. No personal e-mails (potential viruses), etc. It's a mater of what
you can patch, I like linux but I have a friend that can tighten down MS
2K like nothing you ever seen :) . Just evaluate what you need and
remove all the rest.
--
Jerry M. Howell II
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
