Message-ID: <EKECJMGPAACGOMIGLJJDOEKFEBAA.geoincidents@getinfo.org>
From: geoincidents at getinfo.org (Geo.)
Subject: Re: Microsoft Security, baby steps ?

>>
Sorry to sound incredibly dense, but if the machine in question is never
being connected to a network does it really need securing/patching?
<<

I never said a machine is never being connected to a network. There are lots
of places that in the interests of security require a machine to be fully
patched (perhaps even hardened) before it is allowed on either an internal
or external network.

This is not as rare as you might think; there are even some universities now
who in trying to deal with the flood of infected machines each time students
return from break are beginning to have requirements (some scan the
machines) you must meet before being given internet access. So the only way
to patch is to have a friend download the patches, burn a CD and then sit
there and apply them.

The problem with doing that is that it's not simply a matter of downloading
the latest service pack and latest rollup. Try it, get hfnetchk and go thru
patching a Windows 2000 machine without that machine being on the internet,
you'll go nuts. Even the stupid check tools assume you have the thing on the
net before it's patched.

Geo.

