lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200403181919.i2IJJjlm004288@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Re: Microsoft Security, baby steps ?[Scanned] [Scanned] 

On Thu, 18 Mar 2004 16:46:26 GMT, "James P. Saveker" <james@...goat.net>  said:

> If you have 30K seats then as I pointed out image installation would be done
> via the SMS server or for companies not running SMS they may use RIS or
> another image multicast server.  The desktop units will of course have PXE
> boot roms on the NIC's and therefore not even need a boot disk. 

Hmm... <looks around> Yep, 30K+ users around here.  Hmm.. Nope. No global SMS
server.   And anytime somebody says "of course they'll have", that's
immediately suspect.  And remember that the sort of older box that doesn't have
a PXE onboard is also more likely to end up being the sort of box you *wish*
had one onboard... ;)

> Of course not all companies and what not have the resources to be able to
> run SMS or even perhaps the need.

Exactly my point.

> For smaller companies the IT staff should find it easier in a 2K domain or
> above let's face it RIS is free with 2k server (running a native windows
> network) They would of course have to keep RIS images up to date.

All very good "best practices" concepts - too bad so few sites manage to
actually deploy them correctly....

That's the *real* challenge of trying to secure a network - the vast gap between
what could be done given the proper mandate and financing, and what you can
usually actually deploy with the mandate and financing you actually got. :)

> In fact all tasks for smaller companys can be done by
> people with little up top using SBS 2003 and enjoying the wizards.

Which is fine, until something goes Terribly Wrong and there's no sign
of the Terribly Wrong-Fixing Wizard to be found. ;)

(Guess who's come across waaay too many boxes that the owner didn't know were
compromised because the box knows how to say "You've got Mail!" but doesn't
know how to say "You've got Malware!" ;)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040318/02b3db58/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ