Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: It's not that simple...

From: Micheal Espinola Jr <michealespinola () gmail com>
Date: Thu, 18 Aug 2005 10:51:22 -0400
Exactly.  Because MS is such a stupid-admin prone OS, MS needs to work
harder at making tools like the recent SCW (Security Configuration
Wizard) available to all their OS's - not just the newer ones.

Even though checklists and security docs these days are numerous for
the basics - people aren't looking into them or following them because
of all the manual steps involved.  Things like the SCW need to be
embedded in the OS to make it as idiot proof as possible to apply a
secure configuration.

I think we'll all agree that lots of idiots maintain Microsoft OS's. 
It isn't necessarily MS's fault - but it is a culture that they
cultivated, so they definitely hold some accountability.


On 8/18/05, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:

On Thu, 18 Aug 2005 10:28:04 EDT, Paul Melson said:


Very little pity for those who haven't hardened servers and workstation
images this late in the game.


The problem is that there's literally a half billion workstation images out
there, run by people who think "harden" is what pr0n does do them....

Remember - *most* machines are run by Joe Sixpacks, not trained sysadmins.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/






-- 
ME2  <http://www.santeriasys.net/>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: