| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: lists2 at onryou.com (Cael Abal) Subject: Re: Microsoft Security, baby steps ? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 alwayssecure@...hmail.com: > How is it that some sysadmins can manage security, can just get on and > get the job done, and some others have to bitch and moan and show > their appalling ignorance of the wealth of tools available to them - > many provided by Microsoft. > > The site I secure has never been hacked since I arrived four years > ago. It is always kept up to date with patches - within hours of them > becoming available. Hi Bob, So, your site has never been compromised? You /absolutely/ sure about that? :) </tongue in cheek> I have to say your rapid patch deployment policy rather frightens me. I wouldn't even consider rolling out patches without rigourous testing. Keep in mind, though, that I've had workstations completely hosed by patches (I believe one of the worst was an innocent-seeming upgrade from IE 4 -> 5, but don't hold me to that). Personally, I think Microsoft is doing a tolerable job on the patch management front. SUS is nice but needs significant work -- the absence of logging, for example, is a huge omission. Rumours were it was supposed to be implemented in SUS 2.0? Cael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) iD8DBQFAWiF6R2vQ2HfQHfsRAjddAKDTPcoitkS/IXuhN6ileDELwzDntACeI3OB hNNQkQGq56Ao2z0hFTeH6QM= =aRJS -----END PGP SIGNATURE-----
Powered by blists - more mailing lists