Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Counseling not to use Windows (was Re: Anonymous surfing my ass\!)

From: full-disclosure () lists netsys com (hellNbak)
Date: Mon, 15 Jul 2002 00:44:35 -0400 (EDT)
I think I just saw a pig fly, hell freeze over etc...

I actually agree with Paul Schmehl on something other than Russ Cooper is
a sexy beast (not).

Mindless "dont use windows reccomendations" are just that, mindless.  If
you poorly manage the security of Windows networks what makes you think
that you will manage the security of *nix networks any better?

I do Pen-Tests for a living -- there are just as many ways to own a *nix
box as there are a windows box.

Do you expect that the mindless user base is going to be able to figure
out Linux (even with X) when they can barely run their MS based machines?

So many of my clients would fire you on the spot for reccomending that
they just stop running MS products.  If you truly are a security
professional -- you would know better.

NOTE:   I am not saying that MS products are superior in any way - for
those that know what they are doing - yeah run your favourite *nix.

On Sun, 14 Jul 2002, Paul Schmehl wrote:


Date: Sun, 14 Jul 2002 22:24:51 -0500 (CDT)
From: Paul Schmehl <pauls () utdallas edu>
Reply-To: full-disclosure () lists netsys com
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Counseling not to use Windows (was Re:
    Anonymous surfing my ass\!)

Do you then wash your hands of that client?  Or do you purport to provide them with security expertise without 
helping them secure their network, simply because you're opposed to the use of MS products?  Companies make stupid 
decisions all the time.  It's the job of security professionals to find a way to make that nework 
_as_secure_as_possible_ regardless of the applications they have chosen to use.

IOW, after you've gotten off your evangelist's pulpit and come down into the real world, do you simply walk away from 
clients that refuse to take your advice?  Or do you help them secure their network _despite_ their poor choices?

Paul Schmehl pauls () utdallas edu
Supervisor, Support Services
University of Texas at Dallas
AVIEN Founding Member

----- Original Message -----
From: "David F. Skoll" <dfs () roaringpenguin com>
To: <full-disclosure () lists netsys com>
Sent: Sunday, July 14, 2002 4:58 PM
Subject: [Full-disclosure] Counseling not to use Windows (was Re: Anonymous surfing my ass!)


I think it's important for security professionals to tell people not
to use Windows, if only to open their eyes to the risk they put
themselves at, and also to the fact that there are alternatives out
there.

_______________________________________________
Full-Disclosure - We believe in it.
Full-Disclosure () lists netsys com
http://lists.netsys.com/mailman/listinfo/full-disclosure



-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

"I don't intend to offend, I offend with my intent"

hellNbak () nmrc org
http://www.nmrc.org/~hellnbak

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Previous By Date Next
Previous By Thread Next

Current thread: