[Dshield] Microsoft patches

Doug White doug at clickdoug.com
Mon Oct 20 16:13:37 GMT 2003

No, you are not the only one.

I have had a windows environment (network) online for several years, and have
been pretty diligent about keeping the patches updates, pretty well as soon as
they are released.  This includes the URLScan ISAPI filter for IIS.  My
anti-virus solution is updated at least once daily.

As a result, I am in an observers seat as the CodeRed/Nimbda, SQL slammer and
all subsequent exploit attempts have come down the pike, and have not (yet) been
compromised.   It is interesting to note that even with all the publicity and
encouragement to keep the patches up to date, there are still a considerable
number of systems still (Both Windows and Linux) on the internet that have not
done so, and as a result are compromised, and continue to attempt to compromise
others.  I do not consider failure to maintain systems as something that should
be blamed on the publisher.

My mail servers still intercept Klez, SoBig, and other virus infected email,
although solutions for these compromises have been available for free for many
months now.

My rant would be to stop bashing the Operating System publishers (either windows
or Linux) and trying to avoid responsibility for your own networks.  Most
patches are downloadable as a file, which then can be copied to disk and then
local updates performed without downloading them again and again.  On larger
networks, technology is readily available to download once and push the patches
to other machines on the network.  The failure to keep online systems up to
date, is the fault of the system or network administrator, and not that of the
publisher.   End rant..

Stop spam on your domain, use our gateway!
For hosting solutions http://www.clickdoug.com
Featuring Win2003 Enterprise, RedHat Linux, CFMX 6.1 and all databases.
Suggested corporate Anti-virus policy: http://www.dshield.org/antivirus.pdf
If you are not satisfied with my service, my job isn't done!

----- Original Message ----- 
From: "Bob Savage" <bsavage at rnr-inc.com>
To: "General DShield Discussion List" <list at dshield.org>
Sent: Monday, October 20, 2003 8:51 AM
Subject: [Dshield] Microsoft patches

| I have not yet had any problems with Microsoft patches, security updates, or
service packs.
| I know a lot of folks have big problems with the updates.  Am I the only one
that's found them trouble free?  Are there things we all could take to make them
easier and smoother?  Again, the point is not to defend MS or to criticize
anyone else.    Just wondering if given what we have to work with if there are
things we could do to make our jobs easier.
| On the other hand, I have a good friend who has a headache from time to time.
When offered an aspirin she'll always decline, explaining that if she took it
the headache would go away and then she'd have nothing to complain about.  I'm
also guilty of that approach sometimes!

More information about the list mailing list