| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ggilliss at netpublishing.com (Gregory Gilliss) Subject: [in] Re: IE is just as safe as FireFox One comment about XP2 - the company where I work (which produces security networking appliances) has a corporate policy - we do not support XP2. Sales hates this (because all the numbnuts out there are pulling SP2 down with autoupdate and they have no clue what they have brought upon themselves) but since M$ was so idiotic as to disable the network functionality that allows reverse proxies to function properly (and I'm not talking about Juniper's back door where they pipe things straight through) it basically makes my company's (and every other company's) product break. The really dumb part is that M$ has a patch for their misdeeds and a knowledge base article and everything - but it's not incoroporated into autoupdate. Wonder why they would not include that fix for SP2 in autoupdate? Maybe they *want* to break other company's products? Nah ... <G> G On or about 2004.11.14 06:59:40 +0000, Curt Purdy (purdy@...man.com) said: > Valdis.Kletnieks@...edu wrote: > > On Fri, 12 Nov 2004 10:46:51 GMT, Colin.Scott@...lc.com said: > > > Oh yeah, I've got 14,000 Windows 2000 machines to update to > > windows XP > > > SP2, hang on wheres that CD? > <snip> > > > What's worse is having to run a university network where you > > have 30K boxes that you do *not* have the political mandate > > to upgrade (fortunately, we *can* get away with "Upgrade or > > you can't use our network to talk to anybody else", because > > although we don't own the machines, we own the copper. :) > > Upgrade W2K to XP? I call that a downgrade! I won't allow XP (sp2 or not) > on my network. All new boxes must be reformatted and W2K or SuSE Linux or > BSD installed (unless of course it is a Mac with OpenBSD kernel that is > always welcome). > > As for a university network, I can only sympathize. I listened to an > interview with a U of H admin last week, and thought, if I was a > script-kiddie the first thing I would do when I got home was scan their > network. > > Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA > Information Security Engineer > DP Solutions > > ----------------------------- > > If you spend more on coffee than on IT security, you will be hacked. > What's more, you deserve to be hacked. > -- former White House cybersecurity zar Richard Clarke > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html -- Gregory A. Gilliss, CISSP E-mail: greg@...liss.com Computer Security WWW: http://www.gilliss.com/greg/ PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
Powered by blists - more mailing lists