System Patches, keeping current (was: NT vs Unix on the Internet)

From: Roger Marquis (marquisat_private)
Date: Wed May 13 1998 - 20:26:14 PDT

    On Fri, 8 May 1998, Russ Cooper (Russ.Cooperat_private) wrote:

    > The vast majority (say roughly 90%) of all "hacks" of NT that have been
    > reported have come about as a result of lack of knowledge on the part of
    > the installer/administrator.

    This is also due to the security of NT's default configuration.
    Certain Unix vendors such as SGI also have this problem.  Whether the
    glass is half empty (admins not performing a secure installation and
    applying patches) or half full (the OS not implementing security by
    default) is perhaps a matter of perspective.

    > 3. The number of people who "know" how to secure an NT box against
    > "known" exploits are far fewer than their Unix brethren (that's why we
    > get paid so much...;-])

    This is at least partly due to the closed nature of the NT operating
    system itself.  Not only are the administrative resources necessary to
    secure an NT box hard to find but the tools and documentation simply
    don't exist in many cases.  An example of one such critical tool, one
    we rely on, is Sun's patchdiag.  This is a subscription service which
    allows sysadmins to download the patch database for their Solaris
    version.  The database is updated several times a week and lists the
    current revision of all recommended and security patches.  The
    patchdiag script flags any patch that's out of date or not installed on
    a particular system.  With this information an admin can keep his or
    her critical boxes patched with as little effort as running
    'installpatch' a few times each month.

    Roger Marquis
    Roble Systems Consulting
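
The comparison described in the message above (flag every recommended or security patch that is out of date or not installed), sketched as an added example that is not part of the original post and is not Sun's patchdiag. The database layout, the patch IDs and the installed-patch listing (modelled on Solaris `showrev -p` output) are constructed assumptions.

```python
import re

# Constructed patch database, one "base_id|current_rev|flags" entry per line
# (assumed layout, not Sun's real file format). R = recommended, S = security.
SAMPLE_DB = "900001|17|RS\n900002|13|R\n900003|09|S\n900004|10|\n"

# Constructed installed-patch listing in the style of `showrev -p`.
SAMPLE_INSTALLED = """\
Patch: 900001-05 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu
Patch: 900001-11 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu
Patch: 900002-13 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsr
Patch: 900004-03 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsr
"""

PATCH_RE = re.compile(r"^Patch:\s+(\d{6})-(\d{2})\b")

def parse_db(text):
    """Map base patch ID -> (current revision, flags)."""
    db = {}
    for line in text.splitlines():
        if line.strip():
            base, rev, flags = line.split("|")
            db[base] = (int(rev), flags)
    return db

def parse_installed(text):
    """Map base patch ID -> highest installed revision (old revisions stay listed)."""
    installed = {}
    for line in text.splitlines():
        m = PATCH_RE.match(line)
        if m:
            base, rev = m.group(1), int(m.group(2))
            installed[base] = max(rev, installed.get(base, -1))
    return installed

def audit(db, installed):
    """Return (id, status, installed_rev, current_rev, flags) for each gap."""
    findings = []
    for base, (current, flags) in sorted(db.items()):
        if not flags:
            continue  # neither recommended nor security: not flagged
        have = installed.get(base)
        if have is None:
            findings.append((base, "MISSING", None, current, flags))
        elif have < current:
            findings.append((base, "OUTDATED", have, current, flags))
    return findings

if __name__ == "__main__":
    for f in audit(parse_db(SAMPLE_DB), parse_installed(SAMPLE_INSTALLED)):
        print("%s %-8s installed=%s current=%02d flags=%s" % f)
```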
