lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: jlauro at michonline.net (John)
Subject: Re: MS-02-052


> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-
> admin@...ts.netsys.com] On Behalf Of Nexus
> Sent: Friday, September 20, 2002 12:05 PM
> To: Steve; full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Re: MS-02-052
> 
> [snip]
> > else. I've banned windows in our server room. Removed IE, Outlook,
> > Media Player etc. I'm even blocking browsing IIS servers, as most of
> > our www needs are very limited.
> [snip]
> 
> My, what a rational and professional attitude ;-)

It is...  a little draconian too, but none the less very rational and
professional.

> The other alternative is to learn how to lock those boxes down as well
as
> the others - the OS hardly ever makes a difference, the admin _always_
> does.
> But it's much easier to point and blame than to sort your own shit
out...
> 


I agree (except that the OS does make a difference, although security
not being the most significant)...  He stood his ground and sorted the
shit out, instead of taking the easy way of just blaming Microsoft for
all the problems that come down the road.  You can't blame him for that.
;-)




Powered by blists - more mailing lists