And, of course, the KixTart could never be exploited. There is no way
right? Are you sure? Are you going to stake your career on it? I never
trust one thing over another. Granted, because MS OS's are the most
prolific, you see more stories of the exploitation and such. I simply
just keep up with all of the problems, apply any of the necessary
patches and take as much of a proactive approach as I possibly can. I
manually update my servers and workstations, I prefer to do this and I
don't have to worry about an 'automated' update allowing a breach. At
least when I do it manually, I have the option of not allowing it or I
can monitor it. Mind you, I have a small amount of systems to maintain
here, and I am sure that if I had more than I do, I would automate some
of the workstations, but NEVER the servers!

Robert Clark
MCSE, MCP+I, MCP, A+
MIS - Texas Cellular

-----Original Message-----
From: Byron Kennedy [mailto:byronmarkettools.com]
Sent: Thursday, October 04, 2001 6:02 PM
To: 'Wim Remes'; Arendt, Jordan ED0; 'Paul L Schmehl'; Byron Kennedy;
focus-mssecurityfocus.com
Subject: RE: Microsoft Announces Strategic Technology Protection Program

I don't disagree agree with you in substance, especially in your last
paragraph, but why is it a stupid idea? Is it because, you say, "Most
Admins (at least the very few that are concerned about security on their
network) already use programs or have developed techniques to push
patches, etc to the clients"? Oww yeah? We'll I consider myself a
rather technical person, in legal terms what you suggest is called
"vague and presumptuous" - calling for conclusions and lacks supportive
evidence. I'd actually bet that many of us security minded
professionals, for many very valid reasons don't or haven't developed
these tools and where we have, perhaps see room for innovation and
improvement. So, back to your theory, do you also purpose that we all
use Antivirus packages and scanning engines that we integrate ourselves
via perl and c++ and never use the auto update features because it's
more secure to download the digitally signed/encrypted definitions
manually and distribute them ourselves - with our own tools? :)

Vendors natively providing security update automation isn't necessarily
a
bad thing and neither is using our own tools internally. Sure such
vendor
supplied tools could potentially have security issues, but so do all
connections to the intranet. Whatever tool you use, secure it. what
about md5, tls and ipsec? There are many ways to achieve the objective
securely. Microsoft, in their continuous efforts to supply us with
integrated, user-friendly tools, is now, offering another. I contend
the tool is not the security problem - it's the mentality. Why not
write in about ways that this software could be offered in the most
secure manner possible? what an asset that'd be to your peers!

cheers-byron

-----Original Message-----
From: Wim Remes [mailto:wim.remesskynet.be]
Sent: Thursday, October 04, 2001 11:26 AM
To: Arendt, Jordan ED0; 'Paul L Schmehl'; Byron Kennedy;
focus-mssecurityfocus.com
Subject: Re: Microsoft Announces Strategic Technology Protection Program

That 2nd last paragraph is a really stupid idea. Most Admins (at least
the very few that are concerned about security on their network) already
use programs or have developed techniques to push patches, etc to the
clients. I'm certainly not gonna pay for another M$ product when I can
handle updating of the clients with a simple tool like KixTart !!!!
That 'new' server product will in itself be subject to vulnerabilities,
poor programming,... Let's imagine that a hacker succeeds in writing a
virus that masks itself as a MS-update, gets access on the Local Update
Server & sits back until the MS-server decides to distribute it to every
single client on your network... That'd be fun ....

Security ain't a thing you can buy ! It is a service you provide to your
customers, something you work on every day & last but not least
something that should never be put back with the simple question "Why
would anyone target me?"

cheers,

Wim

-------------------------------------------------------------
I really don't wanna hear that Texan say "Make no mistake about it..."
one more time...
----- Original Message -----
From: Arendt, Jordan ED0 <Jordan.Arendtsasked.gov.sk.ca>
To: 'Paul L Schmehl' <paulsutdallas.edu>; Byron Kennedy
<byronmarkettools.com>; <focus-mssecurityfocus.com>
Sent: Thursday, October 04, 2001 6:50 PM
Subject: RE: Microsoft Announces Strategic Technology Protection Program

> Read the second last paragraph:
>
> http://www.secadministrator.com/Articles/Index.cfm?ArticleID=22751
>
>
> Jordan
>
> -------------------------
> <snip>
>
> But you're absolutely right. Updates at LAN speeds would sure be more

> convenient, especially in a "crisis" situation. The Internet isn't
> always "up". Our LAN is.
>
> <snip>
> > needed fixes. Oww yeah, and it could provide a web front-end like
> > windowsupdate. :) I'm sure someone besides me has thought of this.

> > The Windowsupdate site is a great interface to point users to, but
> > we need a local Server w/ LAN speed access.
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]