From: peter pucharkis (peter_pucharkishotmail.com)
Date: Fri Apr 12 2002 - 04:26:07 CDT

    This is an excellent thread - Microsoft I hope (and am sure) you are paying
    attention, this is all good stuff. I'm an MCSE and spend the most part of my
    days driving from small business to small business consulting, installing,
    configuring and repairing Microsoft-based networks for the company of about
    12 people I work for. Some networks might be 4 user Win9x workstations
    running peer to peer and others might be upwards of 600 users that require
    terminal services.

    I would be the last person to call myself a Microsoft guru, and with Windows
    98, Windows 98SE, Windows ME, Windows 2000 (4 versions), Windows XP (Home
    and Pro) all since 1998 it's hardly surprising that so many of us techs have
    so many problems keeping up to date to properly support the businesses out
    there.

    People can bandy about terms like VBScript, SMS, WMI, ADSI, remote
    management etc but the truth is that only a tiny percentage of us has time
    to actually research and learn about these technologies. I know I could
    write VB scripts that could automatically install patches, test security and
    do my other management tasks, I know because I have researched it; do you
    think I could write a script to do any of this? No way. Ever tried looking
    up VB script samples for management on Microsoft's web site? Tried to find
    real and useful sample code for WMI scripting?

    It's very hard to find any (USEFUL) documentation from Microsoft (or anyone
    for that matter) with sample code that we can learn from and edit and
    experiment with. My problem with Microsoft is not the lack of tools to do a
    good job, it's the lack of useful documentation provided with the tools they
    already have. Where's the web page that tells me how to script an install of
    service pack two on 53 Windows 2000 servers without leaving my desk?

    I feel like Microsoft is intentionally hiding this information from us, I
    know intelligent scripting is possible, there's just no information publicly
    available on how to do it. Maybe it's not available to thwart the script
    kiddies, maybe it is available and I just don't know where to look;
    personally I think it's not available to thwart everyone.

    Sorry to vent :) but while the topic is open and the world is reading what
    we have to say I figured I'd put in my .02c while I still have the chance.

    John - mcse, mcp+i

    -----Original Message-----
    From: ThorHammerofGod.com [mailto:ThorHammerofGod.com]
    Sent: Thursday, April 11, 2002 4:04 PM
    To: keydet89yahoo.com; jack.lyonsmartinagency.com; dadamsscientech.com;
    focus-mssecurityfocus.com
    Subject: RE: MBSA and MS's attempts at "security"

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    At 02:15 PM 4/10/2002, H C wrote:

    >Your point is well taken, understood, but it's already
    >been considered. The point is *NOT* that Microsoft
    >does not provide a syslog interface...the point is
    >that Microsoft does *NOT* provide _any_ means by which
    >to easily centralize EventLog entries. In order to
    >consolidate this information, one has to explore
    >freeware solutions such as syslogging, or seek out
    >commercial solutions.
    >

    I don't agree with everything here... I think there is a lot more to all of
    this, both technically, and from a business model perspective, than is
    being considered.

    I'd like to comment on a few things:

    <.02>
    First, while I consider myself knowledgeable in Microsoft technologies, I
    think my introduction into Alternate Data Streams was through your posts,
    HC... And while ADS is cool and intellectually stimulating, I think that
    the average administrator has never even heard of ADS, and the average user
    could give a Rattus Norvegicus' Gluteus Maximus about them. Why would MS
    spend the time in developing, testing, securing, training, and supporting a
    feature they could not market? Most of our users, when upgraded to XP,
    said "What did you do to my Start menu?" We said "Hey, XP has TONS of
    features, is more secure, can do more, and do it faster." They say,
    "That's nice. What did you do to my Start menu?"

    I think everyone is too quick to chastise MS for "bloatware" on the one
    hand, while criticizing them for not including every possible feature on
    the other. As far as the centralization of logs is concerned, that is
    indeed an important feature. It may not be _easy_ to do it, but it can be
    done through the API or WMI. In many cases, I think the market speaks for
    the community's needs: If enough people wanted centralized event logs, and
    by "want" I mean "willing to pay for it," then we would see lots of choices
    out there. I think the fact is that most people are happy to connect,
    view, connect, view, connect, view, done. Those that are not will pay the
    $29 for syslog. Others will roll their own, as you have done in Perl.

    The Federal Trade Commission also plays some role here... When XP was to
    include new versions of media player and other "built in" programs as part
    of the OS offering, Senator Schumer about wet his pants screaming "foul!"
    We had to suffer through the masses weeping over the pending death of 3rd
    Party Programs. It was an "Unfair Trade Practice." If you remember, they
    actually tried to get an injunction on the release of the product.

    If MS were to "build" this functionality in, in many cases, and to many
    people, it could actually be considered a breach of law. For every cry of
    "build it in" there is an equal and opposite cry of "rip it out" from
    Washington.

    But let's exit out of the political realm and get back to technical, where
    we both live... Microsoft has built a framework for us, both in the API and
    in WMI, that allows us to do whatever we want. WMI is *strong*. The class
    structure is robust and you can do just about anything you want. I think
    there is tremendous value in admins learning to interact with their systems
    at a lower level than counting on MS to do everything for them.

    MS gave us Notepad, and then Wordpad. This mindset would be like requiring
    a full blown version of Word to be included in the OS just in case the
    admin felt that he wanted that functionality.

    I also think we should be careful what we wish for. If MS ever does give
    you a one-stop-shop along with a zero-knowledge security mechanism, you and
    I will be swapping war stories while we flip burgers at McDonalds.
    </.02>

    Cheers,

    Tim

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 7.1

    iQA/AwUBPLX6NohsmyD15h5gEQLkVACeMRPG8QbjPGTRhXF9KLvPmLfaXRoAoJQT
    fn8TVipCQABd3Ifg3w+7z/QP
    =2qaF
    -----END PGP SIGNATURE-----
