> AFAIK, I can't tell what they are > going to do > before hand, and can only install them and then try > to > determine what they did after the fact. (This may > prove my > ignorance of windows patches, but I can live with > that). AFAIK, you're pretty much dead on. One of the biggest issues I've had since the beginning is not knowing what a patch does. Sure, I can understand if a DLL has an overflow, and the code needs to be replaced. However, many of the early patches could have been handled w/ a 'simple' Registry edit...I put simple in quotes b/c of the omnipresent MS admonition about editing the Registry. But then I guess that goes along w/ Microsoft's 'zero knowledge administration'. > Well, I find things are not so easy in windows. > Just because > you don't use software doesn't mean it isn't > installed. And > just because you don't know what it is, doesn't mean > it isn't > running as a service on your machine. Now, in > theory a good > sysadmin would know what is running, etc. But > sometimes it is > difficult in the windows world. I'm not sure just _how_ difficult that is. I'll admit that it's hard to find out what some of the various MS services are, but third-party stuff is particularly easy to track down. > Case in point is the Universal Plug and Play > discussions. Which > services should be disabled. If you disabled them > all, then you > not only disable the vulnerability but also other > services which > depend in some way on the non-vulnerable Universal > Plug and Play > components... So just disabling all the UPnP > services can cause > other things to break which may cause problems for > users... You're correct...but an implied corrollary to 'disable unnecessary services' is being able to determine what is necessary and what isn't. The UPnP is difficult enough to understand...I can't see why any site would be running XP so soon after it's release, as there hasn't been time for a real 'shake down'. However, I do know that there are a great many sites who've been running XP (however unknowingly) since beta. > Another case in point is the "I don't run outlook so > it doesn't > affect me" (say I use Eudora). The comments I'd have to the rest of the post take me off on a tangent, and off topic. All are good points...but perhaps that's better left for another thread. __________________________________________________ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jan 03 2002 - 12:40:49 PST