Re: Windows Awareness Question

[Brian Kaye <bdk () UNB CA>]

One thing that Microsoft fails to mention is the fact that the firewall in
XP is exposed for anywheres between 15-30 seconds during the boot process.
The stack is enable before the firewall starts so you can get compromised
during the startup.


.....Brian Kaye
.....UNB

On Fri, 27 Feb 2004, James Moore wrote:

> Date: Fri, 27 Feb 2004 10:16:42 -0500
> From: James Moore <jhmfa () RIT EDU>
> Reply-To: The EDUCAUSE Security Discussion Group Listserv
>     <SECURITY () LISTSERV EDUCAUSE EDU>
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Windows Awareness Question
>
> During times of high worm activity (like now, and probably ...), I have
> had several reports of systems being compromised before they had
> finished windows update.  On campus we can use a SUS server to speed
> things up, but we have a large portion of our faculty and staff with
> home systems, and internet connections.
>
> What bothers me about the MS solution is that it allows a window of time
> for compromise, and I am not sure that window is short enough.
>
> And the people who need the greatest protection are often the people who
> wouldn't know if they were compromised during setup.  They would
> complete the steps, and then believe that they were secure.
>
> In the campus environment, many of the larger support organizations have
> ACL restricted subnets where they build their systems.
>
> Jim
>
> -----Original Message-----
> From: The EDUCAUSE Security Discussion Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tim McGuffin
> Sent: Thursday, February 26, 2004 7:36 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Windows Awareness Question
>
> http://www.microsoft.com/protect/ will give most users the information
> they should need.
>
> --Tim
>
> -----Original Message-----
> From: The EDUCAUSE Security Discussion Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James Moore
> Sent: Thursday, February 26, 2004 6:29 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Windows Awareness Question
>
>
> I need a resource to take someone through step by step what they need to
> do when they buy a new PC.  It was assembled months ago, it doesn't have
> 50 patches it needs, and ...
>
> I have been asked for a "Where do we start" article.  When I help
> friends out at home, I burn the latest free firewall, free antivirus,
> free ad-aware, and free anti-spyware to a CD, load that before
> connecting to the network, and then start windowsupdate after everything
> else is loaded.
>
> How do you advise users of home systems, and students?
>
> Jim
> - - -
> Jim Moore, CISSP, IAM
> Information Security Officer
> Rochester Institute of Technology
> 13 Lomb Memorial Drive
> Rochester, NY 14623-5603
> Office: 585-475-5406
> Fax: 585-475-7950
>
> "In cases of defence 'tis best to weigh the enemy more mighty than he
> seems" - William Shakespeare (Henry V, Act 2, Scene 4)
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at http://www.educause.edu/cg/.
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at http://www.educause.edu/cg/.
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
> http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.