Educause Security Discussion mailing list archives
Re: [SECURITYEP] Discussion about Windows XP SP2
From: "Dunker, Mary" <dunker () VT EDU>
Date: Fri, 26 Mar 2004 08:19:44 -0500
I'll pass on the chat information to our Wiindows support team. So far, Microsoft has said the NTLMV2 problem with XP SP2 the NAS is not their problem, so we are pursuing it with NetApp and still trying to get both vendors to talk to one another. Thanks for your input. By the way, we have had all of those virus problems as well! Mary -------------------------------------------- Mary Dunker Secure Enterprise Technology Initiatives Virginia Tech Information Technology 1700 Pratt Drive Blacksburg, VA 24060 (540) 231-9327 FAX: (540) 231-7413 dunker () vt edu -----Original Message----- From: Niedens, Travis [mailto:Travis_Niedens () REDLANDS EDU] Sent: Thursday, March 25, 2004 7:09 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] [SECURITYEP] Discussion about Windows XP SP2 I am currently participating in the Windows XP SP2 beta. Honestly, I haven't as many issues. Have you participated in the chats that MS has hosted for this product? They have integrated a lot of suggestions from those between releases (Beta1, Beta2, RC1). Has your rep acknowledged the issue with NTLMv2? If so, was it due to a security flaw ? From what I have seen on the chats, features are either removed, modified or added purely to better secure the OS. Honestly, I'd rather have an issue like this rather than one where 500+ hosts get infected with a flavor-of-the-month virus and start bringing down the network. Travis Niedens Network Manager University of Redlands ________________________________ From: Dunker, Mary [mailto:dunker () VT EDU] Sent: Thursday, March 25, 2004 3:09 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] [SECURITYEP] Discussion about Windows XP SP2 I am just now getting on board with the Educause security groups, so forgive me if you have already discussed this... Relative to the discussions with Microsoft, I'm wondering if other higher education institutions are having problems securing their environments due to the lack of interoperability of Microsoft with other platforms. We currently have two issues that are preventing us from increasing security on our Active Directory: * Windows XP SP2 introduces a problem that prevents connecting to our NetApp NAS with anything higher than NTLM. (NTLMV2 worked before XP SP 2.) * Microsoft removed a lot of functionality that was in their Outlook 2001 product for the Mac when they replaced it with Entourage. We attempted to be involved in the beta release of Entourage, received the software too late to have our input recognized, and now the fact that our MAC users don't have a fully functional client for Exchange is keeping them on Outlook 2001, which does not support NTLMV2. We are working with our account reps. to try to resolve these issues with Microsoft and their business partners, but it is a struggle! Has anyone else experienced Microsoft-related interoperability problems that impact security? Mary -------------------------------------------- Mary Dunker Secure Enterprise Technology Initiatives Virginia Tech Information Technology 1700 Pratt Drive Blacksburg, VA 24060 (540) 231-9327 FAX: (540) 231-7413 dunker () vt edu -----Original Message----- From: Rodney Petersen [mailto:rpetersen () EDUCAUSE EDU] Sent: Wednesday, March 24, 2004 12:48 PM To: SECURITY-EP () LISTSERV EDUCAUSE EDU Subject: [SECURITYEP] Discussion about Windows XP SP2 Jack etal, I'd like to spend some time during the Effective Practices Working Group Call on Friday describing our interactions with Microsoft. (Hopefully, everyone has seen the Security Task Force document on "Improving the Security of Windows Platforms" posted to the Security Discussion Group.) I would also like to describe some earlier discussions with staff from the Center for Internet Security regarding their Windows benchmarks. The CIS benchmarks are currently discussed in the EP Guide. Finally, I have a call scheduled with Microsoft on Friday afternoon at 2 p.m. ET to brainstorm higher education's participation in the rollout plan for Windows XP Service Pack 2. I would like to see 1 or 2 members of the effective practices working group join me in that call. Thanks, -Rodney ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: [SECURITYEP] Discussion about Windows XP SP2 Dunker, Mary (Mar 25)
- <Possible follow-ups>
- Re: [SECURITYEP] Discussion about Windows XP SP2 Niedens, Travis (Mar 25)
- Re: [SECURITYEP] Discussion about Windows XP SP2 Dunker, Mary (Mar 26)