[Dshield] Is this some kind of washing hands or pointing fing ers at innocent parties?
dyoung at intecs.com
Thu Sep 12 16:29:20 GMT 2002
*sigh* With all due respect to the posters' opinions, I humbly request you
kill this pointless thread.
>>A hint to the target audience is here: "The activity appears to be
>>associated with a coordinated series of individual attempts to compromise
>>Windows 2000-based servers." So people running Windows 2000 based
>>servers, not ordinary home users, but admins who don't patch their
>>software, set good passwords, run good firewalls, and eliminate guest and
>Everything should be locked down by default.
>>Security is a partnership.
>Yea - tell that to Bill Gates...
>>With software marketed for home users, it should be secure right
>>out-of-the-box. So, agreed, Windows XP should disable the default guest
>>account and administrator account after forcing the user to replace them,
>>and it should default to forcing strong passwords. Those would be good
>>suggestions to make to M$ directly, and I think I will in a minute.
>Best of luck... it's like trying to talk to a wall.
>>With software marketed for business users, that it isn't foolproof right
>>out-of-the-box provides employment opportunities.
>yes indeed... like mine... :-)
>>And why pick on M$.
>because they really need to get their security act together and be part of
the solution instead of being >part of the problem.
>>Almost all software vendors make vulnerable products. *ix is no better
>OpenBSD comes to closest yet... for being reasonably secure out of the
box, but even they had some
>security flaws recently... Like Apache, openSSH, and OpenSSL.
Although none are actually part of
>openBSD, but they are supplied with default OpenBSD... Of course the
patches have been released.
More information about the list