nanog mailing list archives
Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT)
From: Brian Russo <brian () entropy net>
Date: Mon, 19 Apr 2004 06:27:24 -0400
At Mon, Apr 19, 2004 at 06:12:16AM -0400, Chris Brenton wrote:
Key word here is "essentially". I've been involved with about a half dozen compromises that have been true zero days. Granted that's less than ground noise compared to what we are seeing today.
There're a lot more 0-days than that. They just tend to remain within a smaller community (typically the ones who discover it) and are used carefully/intelligently for compromises, often for a very long time. Then it gets leaked by someone and released into the wild/script kiddie community or someone else discovers it... (more for benefit of others than a response to you)
Also, don't underestimate a person's ability to shoot themselves in the foot. Windows 2003 server, out of the box, is technically one of the most secure operating systems out there because it ships with no open listening ports. Based on the auditing I've done however, it ends up being deployed even less secure than 2000 because a lot of admins end up doing the "turn everything on to get it working" thing. An uneducated end user is not something you can fix with a service pack.
Agreed, and even conscientious users screw up. I did this some months ago when installing MS SQL Server Desktop Engine from a third-party CD (packaged with software). This was well after the whole Slammer affair, memories fade and I didn't stop to realize they used the same codebase.... (oops) - bri
Current thread:
- Microsoft XP SP2 (was Re: Lazy network operators - NOT), (continued)
- Microsoft XP SP2 (was Re: Lazy network operators - NOT) Sean Donelan (Apr 18)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Brandon Shiers (Apr 18)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Petri Helenius (Apr 18)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Henry Yen (Apr 18)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Peter Galbavy (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Michael Painter (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Patrick W . Gilmore (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Paul Vixie (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) John Kristoff (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Chris Brenton (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Brian Russo (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Chris Brenton (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Brian Russo (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Jeff Shultz, WIllamette Valley Internet (Apr 19)
- RE: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Geo. (Apr 19)
- Re: Microsoft XP SP2 (was Re: Lazy network operators - NOT) Alexei Roudnev (Apr 19)
- Re: Lazy network operators - NOT Paul Vixie (Apr 19)
- Re: Lazy network operators - NOT Sean Donelan (Apr 19)
- Re: Lazy network operators - NOT Matt Hess (Apr 18)
- Re: Lazy network operators - NOT Alexei Roudnev (Apr 18)