Security Basics mailing list archives
Re: Patching
From: "David Lanagan" <DLanagan () sterlinginsurancegroup com>
Date: Tue, 21 Oct 2003 08:08:33 +0100
I know the feeling! (Not the rain, it's sunny but cold here in London.)

We're being increasingly told to get patches on ASAP, but we no longer have the time to actively test patches and updates before getting them onto production systems. I think the main problems over the next few years will be getting corporate environments to understand the importance of these patches and devote the relative resource to them. I bet I'm not the only one here whose reputation (and career to an extent) is being dictated by the uptime, availability and security of systems that are not only inherently insecure but also don't give me adequate control of the process.

D.

Dave Lanagan
Lead - Infrastructure Development
Tel: 020 8334 1548
Fax: 020 8948 0161
Mail: dlanagan () sterlinginsurancegroup com

Alessandro Bottonelli <abottonelli () libero it> 10/20/03 09:12am >>>
A thought has been crossing my mind for a long time, I'd like to confront it with the list.

In the "old days" a patch and/or fix was defined as "something that closes a known hole and opens ten unknown holes" :-) Yet, literature and common practices keep saying we should maintain our systems and network appliances up to date with the last patches / software releases.

WHY should I feel safer that way? How can I tell Rev. 1.3 is any better (security-wise) than Rev. 1.2? Is the cost (financial and others) of change management worth it? If so, how can I measure such worthness?

Too much caffeine on a rainy Monday morning, in usually sunny Italy? :-)

--
Alessandro Bottonelli
www.axis-net.it