[Dshield] Where should one start?

Tony Earnshaw tonye at billy.demon.nl
Sat Mar 20 20:24:30 GMT 2004


lør, 20.03.2004 kl. 19.35 skrev John Dalton:

>     Just to drop a line on two comments. As a tech Bench at a major
> electronics big box retailer, two things bother me. First was the remark
> about just pushing the computers out the door without any concern. Our
> standard is that every machine that goes out our doors has been setup (free)
> so that all the initial installations are running,

Johannes is probably going to kill this as flame, but what the heck?

1: I believe it is Microsoft's responsibility to see that every new or
reserviced computer with a Microsoft operating system leaving a
distributor, or a distributor's dealer, everywhere in the world, is safe
to run on the Internet. This means that it should be fully protected
from any malicious approach until any automatic updates, patches or OS
amendments have been applied. The way to do this, is by applying an
effective, state-aware firewall during the installation, blocking every
IP socket. Automatic updating can be done during this phase, but any
initial patches must have been carried out by the distributor/dealer.

2: There should be no extra charge for this, and those who charge for it
should instantly be deprived of their status of distributor/dealer;

3: Installation of any third party software such as Symantec or NAI
so-called AV software is incidental.

*BUT* That is not how Microsoft works. Exactly *how* Microsoft works I
leave as an exercise to the more astute reader.

As a confirmed SVR5 Unix/RedHat Linux user, I read many postings on this
list with vague amusement. 1:, 2: and 3: have worked like that for me,
for years (o.k., forget SCO OpenServer 5.x - dead duck -, but UnixWare
and Solaris work like that. Modern RedHat Linux works like that, too).
1: works, 2: is not necessary because 1: works, 3: is inherent.

That there *are* so many millions of infected Windows machines on the
Internet must surely be due to the smugness demonstrated by OP.

O.k, Johannes, *kill it*, but that is the pure and utter truth.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl




More information about the list mailing list