<color><param>0100,0100,0100</param>On 23 Apr 2001, at 14:18, Fred A. Miller wrote: <color><param>7F00,0000,0000</param>> Exploit devastates WinNT/2K security
By Thomas C. Greene, The Register
--
--
----/ / _ Fred A. Miller
---/ / (_)__ __ ____ __ Systems Administrator
--/ /__/ / _ \/ // /\ \/ / Cornell Univ. Press Services
-/____/_/_//_/\_,_/ /_/\_\ fm@cupserv.org
</color>More concerning than the article itself is the statements made in the discussion at the bottom. The mindset of the windows administrators is that it is not a real concern because there are ways to protect this flaw from exploitation. <bigger>"This doesn't really add anything; its simply another way to do something <color><param>0100,0100,0100</param>that has always been possible, and which is prevented by adherence to best practices" "Why would anyone leave this port unfiltered on a router anyway?" "Prevent this kinda idiocy with the built-in ipsec software that comes with win2k"<FontFamily><param>Times New Roman</param> It is this "I don't mind" attitude that allows M$ to continue to thrive with a </color><FontFamily><param>Arial</param><smaller>substandard product. The systems should be secure by nature, not secure once you apply all the recommended updates and patches, and tweak the entire network to protect the few hosts that need to be secure. These are my thoughts, what are yours? ~Dale <nofill> ________________________________ Dale Schuster MIS Manager Lake Tahoe Horizon Casino Resort dschuster@horizoncasino.com