lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200403181552.AA431227140@tecman.com>
From: purdy at tecman.com (Curt Purdy )
Subject: Re: Microsoft Security, baby steps ?[Scanned] [Scanned] [Scanned]

James P. Saveker wrote:
<snip>
>(Guess who's come across waaay too many boxes that the owner didn't know
>were compromised because the box knows how to say "You've got Mail!" but
>doesn't know how to say "You've got Malware!" ;)

:)

<snip>
>I have seen companies running SBS and using ISP mail accounts when exchange
>is part of SBS, madness!  Also they have not got ISA configured correctly,
>assuming correctly does not involve a rules allowing all traffic from all
>sources to flow bi-directionally.  People that set up servers like that
>should be shot, or at least not allowed to practise as consultants.

Personally, I think anybody who sells and setsup a business with SBS should be shot.  Starting with SBS4, it's been a piece of crap.  Now to add insult to injury, they put ISA server in there and force you to put your firewall on the same box your database server is on.  By license, you cannot put it on a seperate box if you wanted to.  Another sign of the total cluelessness of MS on security.


--
Curt Purdy CISSP MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- Former White House cybersecurity adviser Richard Clarke 
--


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ