From: Eric Chamberlain, CISSP (eric_at_uclink.berkeley.edu)
Date: Mon Aug 25 2003 - 17:49:53 PDT
The context of the original post and the scope of my reply was about
deploying services on Windows. I took the original post to imply Windows
server class operating systems hosting services. Services like BFS, HRMS,
blu, Kronos, credit card processing, SEVIS, BETS, BRIO, paperless payment,
and e-giving run on Windows servers and were not victim to the exploits.
My issue was that comparisons were made about the viability of the Windows
server platform, but XP home was used in the comparisons.
As a security professional, I would caution everyone that exploits
discovered in the past are no indication of future vulnerabilities or risk
exposure.
-- Eric Chamberlain, CISSP Campus Active Directory Architect Central Computing Services University of California, Berkeley http://calnetad.berkeley.edu > -----Original Message----- > From: Jon Kuroda [mailto:jon_at_CSUA.Berkeley.EDU] > Sent: Monday, August 25, 2003 5:18 PM > To: Tom Holub > Cc: Eric Chamberlain, CISSP; 'Micronet-UCB microcomputer > support user group'; 'ucb-security list' > Subject: Re: [Security] Re: [Micronet] Windows: insecure by design? > > > Tom Holub <tom_at_LS.Berkeley.EDU> wrote: > : On Mon, Aug 25, 2003 at 01:39:07PM -0700, Eric Chamberlain, > CISSP wrote: > : > Aron, > : > I don't think you are making accurate comparisons by > comparing a variety > : > of Microsoft products to specific non-Microsoft operating systems. > : > Slammer exploited a database, Blaster exploited the OS, and SoBig > : > exploited users. Each of these exploits have had minimal > impact on > : > systems that are properly managed. In all the mentioned cases, > : > administrators have had ample warning to patch their machines. > : > : I don't think it's fair to say that the exploits have had > minimal impact > : on systems that are "properly managed." In a network of > any size, there > : are always machines that get missed on patches, even if you > have a good > : network infrastructure. For example, a professor's machine > may have been > : powered off when the updates were pushed out--when he > returns from vacation, > : he could turn his machine on and get immediately infected. > > And this is a system-centric view of the whole affair. It's > users (which in this case includes all of us systems support > people) who lose out, no matter which way a system was > compromised. Even people who had maintained systems that > were patched had to spend time dealing with some flood of > virus related mail, wondering if their system was patched or > not, waiting while co-workers or other correspondents had > machines reinstalled, waiting while systems support personnel > had to put off other work to deal with the latest > embarassingly huge problem, dealing with networks clogged by > the latest worm sucking up all the available bandwidth ... I > could go on. > > If you start to think in terms of how much time things like > this take away from people trying to get work done -- > including those like us who support a user base -- I don't > see how anyone could say that these exploits have had > "minimal impact". > > --Jon Kuroda > writing from his CSUA account since this is his personal opinion. >
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Mon Aug 25 2003 - 17:51:18 PDT