Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft plans tighter security measures in Windows XP SP2

From: Kenton Smith <ksmith () chartwelltechnology com>
Date: 31 Oct 2003 15:00:28 -0700
On Fri, 2003-10-31 at 11:12, yossarian wrote:

<snip>

File and printer sharing is not needed?  Remote administration is not
needed?  Maybe not in home use, but in corporate?


No, sorry Paul. Printers have their own IP address, file and printersharing
was introduced for small networks. But since the mid nineties a network
interface became standard in laserprinters- printersharing became a real non
issue. File sharing: not for workstations, unless you make backups of every
workstation. Not suitable for corporations, user data is corporate property,
needs a back up so MUST be on a server. It is impossible to secure a network
where file and printsharing is common (where is the sensitive info to
secure?) - my personal BOFH way is disable the server service on every
Workstation. And the browser service as well.


What planet are you working on? I have bought 5 printers in the last
three years and 2 of those had built-in network cards. The others use
"jet-Direct" type interfaces which require software to be installed on
the server. You're saying I install this on everyone's workstation so
they can connect directly? Uh huh. No file sharing; everything should be
stored on a central server. Sure, no problem I'll just go out and drop
$100k on a SAN to store it all. *Or* I could take advantage of the fact
that every machine I buy comes with at least 40 GB of drive space on it.
And I'm sure you're going to suggest thin clients here, so I'll go out
and buy a small render farm for my graphics guys to do their 3D work on.


Remote administration may be needed, I just said it is rarely used, for
various reasons, the foremost being that the support staff don't know sh**t
about the inner workings of windows, MCP or not.


Right and what inner workings do I need to know to use my remote patch
management software without RPC? It's really handy actually, but then
again maybe there's a better way to do it that I'm just to stupid to
know about.

<snip>

Hopefully we can all agree that anything Microsoft can do to attempt to
make it's O/S more secure is better than the way it is now.

Kenton


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: