[Dshield] DCOM morning after

Stephane Grobety security at admin.fulgan.com
Wed Aug 13 08:06:48 GMT 2003

SV> Do you guys think of how much Security/patching costs in terms of
SV> people, time and money?

I'm sure we're all very well aware of that, thank you: to many of us,
this is a main part of our day-to-day job.

SV> Why can't Microsoft just make sure that their stuff is correctly and
SV> securely written and coded?

That's a delusion. Software without bugs doesn't exist. The average
piece of software, when initially written, has about one bug every 50
lines of source code when written by a good programmer. With strong QA
and lots of testing, this number can be changed to one bug every 200
lines of code, on average. Oh, and that's not Microsoft's code, BTW,
it's everyone's.

SV> I have been patching and even using special software for massive patching
SV> and still patching!!!
SV> When can I have a rest and dedicate my time on other subject than just
SV> patching?

It all depends on the size of your network and how deep your pockets
are, but with a reasonable amount of investment into dedicated
software and test lab machines, you can pretty much make sure all
machines are patched reasonably fast and without too much pain. The
easiest way for that is to use HFNetCheck pro for patch
scan/deployment and VMWare for testing. It sure is a pricey investment
at first, but it pays pretty fast in saved labor.

SV> I am tired.

It shows :) Get some rest, have a good beer (or whatever you fancy).

Good luck,

