[Dshield] Is this some kind of washing hands or pointing fingers at innocent parties?

Young, David dyoung at intecs.com
Thu Sep 12 16:29:20 GMT 2002

*sigh* With all due respect to the posters' opinions, I humbly request you
kill this pointless thread.


>>A hint to the target audience is here: "The activity appears to be
>>associated with a coordinated series of individual attempts to compromise
>>Windows 2000-based servers."  So people running Windows 2000 based
>>servers, not ordinary home users, but admins who don't patch their
>>software, set good passwords, run good firewalls, and eliminate guest and
>>admin accounts.
>Everything should be locked down by default.
>>Security is a partnership.
>Yea - tell that to Bill Gates...
>>With software marketed for home users, it should be secure right
>>out-of-the-box.  So, agreed, Windows XP should disable the default guest
>>account and administrator account after forcing the user to replace them,
>>and it should default to forcing strong passwords.  Those would be good
>>suggestions to make to M$ directly, and I think I will in a minute.
>Best of luck...   it's like trying to talk to a wall.
>>With software marketed for business users, that it isn't foolproof right
>>out-of-the-box provides employment opportunities.
>yes indeed...   like mine...   :-)
>>And why pick on M$.
>because they really need to get their security act together and be part of
>the solution instead of being part of the problem.
>>Almost all software vendors make vulnerable products.  *ix is no better
>>right out-of-the-box.
>OpenBSD comes the closest yet...   for being reasonably secure out of the
>box,  but even they had some security flaws recently...   Like Apache,
>OpenSSH,  and OpenSSL.  Although none are actually part of OpenBSD,  but
>they are supplied with default OpenBSD...    Of course the patches have
>been released.

