Dailydave mailing list archives

Re: Media Excitement!


From: "Des Ward" <des_ward () o2 co uk>
Date: Fri, 22 Apr 2005 07:45:17 GMT

Totally agree, how many people see asset/change management as being related to security?

If people understood what's in their environment and made some effort to deploy builds/infrastructure with some 
thought, not only would the securing of said environment be easier but the ops/support side of things would be so much 
easier too (Plus costing less in money/time).

MS get a lot of stick, but who uses RIS/SUS server to create referenced builds? This is free technology that can help 
with DR and simplifying build procedures.

IT needs to become more aware of its responsibility and use what it has at its disposal instead of just blaming 
vendors all the time.
-----Original Message-----
From: Ron Gula <rgula () tenablesecurity com>
Date: Thu, 21 Apr 2005 17:06:23 
To:"dailydave" <dailydave () lists immunitysec com>
Subject: RE: [Dailydave] Media Excitement!

At 03:21 PM 4/21/2005, Kohlenberg, Toby wrote:
"Aitel disputes the mantra that patches are the ultimate remedy.
"Patching is terribly expensive," he says. "You have to test and test to
ensure that your applications all work after the patch. And then
deploying a patch in a medium-sized firm will cost many hundreds of
thousands. How many companies are prepared - or even have - this kind of
money to spend on deploying a patch?""

Okay, so I agree with every one of these statements.
Now, what's the alternative to patching?

The alternative is better network management.

I've become a disciple of the zen network manager masters ;) Anyone read
books like 'Visible Ops'? It basically says there are 4 types of networks:

1 - those that continuously have unplanned outages (including those 
self-inflicted)
2 - those that have enough controls to enforce change management
3 - those that have enough controls to build their systems the same every time
4 - those that do 2 & 3, but try to increase available uptime and also
     lower outage times

The reason that patching is a pain in the ass is that we don't
know what is on our networks. If you have a better idea of what
is on your network, you can have better controls in place to
compensate for your risks.

Said another way, would you rather secure a bunch of computers
that are configured exactly the same, or attempt to secure random
configurations? Now how about incident response?

Ron Gula, CTO
Tenable Network Security
http://www.tenablesecurity.com

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave

Kind regards,

Des Ward