Full Disclosure mailing list archives
RE: MS should point windowsupdate.com to 127.0.0.1
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Fri, 15 Aug 2003 00:18:24 -0500
You're not allowed to participate. Only the geniuses that think they have it figured out already. :-) Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/
-----Original Message----- From: Blue Boar [mailto:BlueBoar () thievco com] Sent: Friday, August 15, 2003 12:15 AM To: Schmehl, Paul L Cc: Jeroen Massar; Tobias Oetiker; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] MS should point windowsupdate.com to 127.0.0.1 Schmehl, Paul L wrote:I just curious how you geniuses would solve this problem.You have amulti-six figure scientific instrument, which is onlymanufactured byone vendor in the entire world. Your research departmentdepends uponthat instrument to do research for which they are being funded handsomely by grants and expected to produce results. There's only one problem. The instrument requires that you run Windows 2000 Server with IIS, and the vendor requires that you not apply *any* patches post SP2. The government certifies theequipmentat a certain patch level, and if the equipment is patched then the certification no longer applies, the research is no longerfunded andyou are now staring a six figure boat anchor.<snip>2) Minus points if you say "Don't allow access to the Internet. It *requires* access to the Internet. (IOW, it has to be ableto connectto "live" IP address ranges, not private IPs.)What *kind* of Internet access? Any reason I can't put a firewall or proxy of some sort between it and the Internet? Maybe an IDS running as a router?
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: MS should point windowsupdate.com to 127.0.0.1 Schmehl, Paul L (Aug 14)
- Re: MS should point windowsupdate.com to 127.0.0.1 Blue Boar (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 Barry Irwin (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Steve Wray (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Tobias Oetiker (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Jason Coombs (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 Barry Irwin (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 Michael Renzmann (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 vb (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Jeroen Massar (Aug 15)
- <Possible follow-ups>
- RE: MS should point windowsupdate.com to 127.0.0.1 Schmehl, Paul L (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 David Hane (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 vb (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 Paul Schmehl (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 David Hane (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Richard Stevens (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Paul Schmehl (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 Jeremiah Cornelius (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Paul Schmehl (Aug 15)
- RE: MS should point windowsupdate.com to 127.0.0.1 Schmehl, Paul L (Aug 15)
- Re: MS should point windowsupdate.com to 127.0.0.1 Blue Boar (Aug 15)