Full Disclosure mailing list archives
Re: Microsoft plans tighter security measures in Windows XP SP2
From: Ben Nelson <lists () venom600 org>
Date: Fri, 31 Oct 2003 09:11:37 -0700
yossarian wrote:
New or not, it is one of the major gripes I always hear from Sys Admins in reference to MS software. No doubt, it should have happened a long time ago, but....as they say....better late than never.Most of it appears to be tighten the defaults. Usefull, yes, but not very new..
> The application white list is an extension for ICF that has the same
The application firewall sounds like a good idea. Of course, it may take a few iterations and some bug fixes to get it right and make it easy to administer, but you've got to start somewhere and this also seems to me like a step in the right direction. The ultimate fix would be to promote better (and more secure code), but since this will also protect 3rd party applications that MS has no control over it'll definitely help. A little 'defense in depth' (hardly) ever hurts.problem, who knows what apps are valid, who is to manage the list of 'known to be good' etc. Usually admins consider the Firewall a thing that just is, and often it is managed by a specialized admin. Now every NT-admin will have to know the working of an application firewall, and generally, of all the installed software. This will raise the TCO, and if companies do not employ more and more skilled support staff, the feature will just be in the way, and ICF probably disabled.
I agree that 'less features is more security', but lets face it....people (by people, I mean the general public) want features and MS is in the business of making money. More features == more money for them. I don't begrudge them this (I work for a software company myself), so taking steps to make the additional features more secure (if even by using sane defaults) is a good thing.My 0.02 cents: nice try, but next time go for less is more - less features is more security, this is just another featuritis.
I have traditionally been an anti-MS bigot. However, I am always happy to see vendors making an effort (however small it may seem) to improve the security of the environment that they provide. I don't even own a Windows machine, but if these 'enhancements' help mitigate the spread of things like Blaster and SoBig.F, then I don't have to spend my time going through a zillion IDS alerts and wasting CPU cycles on my Unix-based MTA filtering out crap emails.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft plans tighter security measures in Windows XP SP2 Helmut Hauser (Oct 31)
- Re: Microsoft plans tighter security measures in Windows XP SP2 yossarian (Oct 31)
- Re: Microsoft plans tighter security measures in Windows XP SP2 Ben Nelson (Oct 31)
- Re: Microsoft plans tighter security measures in Windows XP SP2 Georgi Guninski (Oct 31)
- <Possible follow-ups>
- RE: Microsoft plans tighter security measures in Windows XP SP2 Schmehl, Paul L (Oct 31)
- Re: Microsoft plans tighter security measures in Windows XP SP2 yossarian (Oct 31)
- Re: Microsoft plans tighter security measures in Windows XP SP2 Kenton Smith (Oct 31)
- Microsoft plans tighter security measures in Windows XP SP2 Jason Freidman (Oct 31)
- Re: Microsoft plans tighter security measures in Windows XP SP2 yossarian (Oct 31)
- Re: Microsoft plans tighter security measures in Windows XP SP2 yossarian (Oct 31)