[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <EKECJMGPAACGOMIGLJJDOEKFEBAA.geoincidents@getinfo.org>
From: geoincidents at getinfo.org (Geo.)
Subject: Re: Microsoft Security, baby steps ?
>>
Sorry to sound incredibly dense, but if the machine in question is never
being connected to a network does it really need securing/patching?
<<
I never said a machine is never being connected to a network. There are lots
of places that in the interests of security require a machine to be fully
patched (perhaps even hardened) before it is allowed on either an internal
or external network.
This is not as rare as you might think, there are even some universities now
who in trying to deal with the flood of infected machines each time students
return from break are beginning to have requirements (some scan the
machines) you must meet before being given internet access. So the only way
to patch is to have a friend download the patches, burn a CD and then sit
there and apply them.
The problem with doing that is that it's not simply a matter of downloading
the latest service pack and latest rollup. Try it, get hfnetchk and go thru
patching a Windows 2000 machine without that machine being on the internet,
you'll go nuts. Even the stupid check tools assume you have the thing on the
net before it's patched.
Geo.
Powered by blists - more mailing lists