lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <001201c362be$db58bd00$210d640a@unfix.org>
From: jeroen at unfix.org (Jeroen Massar)
Subject: MS should point windowsupdate.com to 127.0.0.1

-----BEGIN PGP SIGNED MESSAGE-----

Tobias Oetiker wrote:

> Because the local techs have no clue, it will
> take the affected companies ages to get back on the net.

Which is perfect actually as it points out all the
stupid admins who get paid a lot of cash but really
sit around all day with their finger up their noses.

The worm has been been seen coming for some time now
and admins where made aware of the patch quite quickly.
If they didn't patch their systems they should pay
the penalty too.

And no, this is not just yet again a microsoft thing
apparently even the FSF can't secure their FTP server.
Which took 3 months to be detected (jolly :) one has
to wonder how much trouble that is going to cost,
though fortunatly most unix admins are more proactive
in the security front and tend to update.

So for _any_ OS: Patch your systems when a patch
comes out and otherwise keep a very very good eye
on the systems you are running. Your bosses aren't
paying you to sit there with those fingers up your
nose, they pay you to keep the systems running.

If you can't take the heat, don't take the cash.

Greets,
 Jeroen

-----BEGIN PGP SIGNATURE-----
Version: Unfix PGP for Outlook Alpha 13 Int.
Comment: Jeroen Massar / jeroen@...ix.org / http://unfix.org/~jeroen/

iQA/AwUBPzwgSymqKFIzPnwjEQL4RQCgim6XWjFbRrRqI9x8vY5abgW/ME0AnAoT
tpQKbYInRXDvNZIZuhG1i+Ws
=I/QA
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ