| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3F2A35C4.22077.1169E4DF@localhost> From: nick at virus-l.demon.co.uk (Nick FitzGerald) Subject: Patching networks redux John.Airey@...b.org.uk wrote: > > Please do not forget that the "experts" are not nearly as troubled by > > this because the problem was largly mitigated by following best > > practices. I suspect you too could be spending this time > > appropriately > > handling the problem cases and systems that required the > > functionality > > with a lot less worry and headache. > > Isn't it interesting that > http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS > 03-026.asp says that you can install this on either SP3 or SP4. So can Jason > please explain what best practices he refers to? I'm sure he was referring to standard computer security best practices -- you know, things like ensuring least privilege, disabling unused accounts created by a default install, having strong password policy enforcement, uninstalling/disabling/etc unused services, firewalling all but the truly necessary ports, etc, etc, etc. What in that can you see that would _not_ have "largely mitigated" the threat potential of this vuln? Regards, Nick FitzGerald
Powered by blists - more mailing lists