Security Basics mailing list archives
Re: Ten least secure programs
From: "Chris Berry" <compjma () hotmail com>
Date: Mon, 30 Jun 2003 15:43:03 -0700
From: "Roger A. Grimes" <rogerg () cox net> Chris, most rationale network administrators (or whatever you are) cannotgenerally dictate by themselves what is and isn't allowed on "your network".It's a business decision made by management after you've told them of the risks of using such-and-such a program.
While that's usually true for already established systems, when you're setting up new capability, you often have the opportunity to recommend something. Also, I was trying to get a feel for items people would "keep a close eye on".
You may hate MS-Outlook
Yes, worst virus ridden buggy piece of filth ever written.
MS-Internet Explorer
I prefer Mozilla, but IE isn't that bad, which is why I didn't put it on the list.
but if your CEO tells you have to support it, then it's best to learn how to secure vs. just saying someone can't have it.
Well of course, but that's not what I was talking about.
All the programs you mention below can easily be made relatively secure by following the vendor's recommended configuration settings and patches.
I disagree.
So, I wouldn't recommend telling any end-user they can't use such and such...it's better to tell them (or mgmt), "you should have it configured this way and use this patch mgmt tool" if you are going to use that software package.
Users, yes I wil tell them that. Management, well that's a whole nother story as we all know.
If you start working somewhere and they have a sendmail server, you may be stuck with it, but if they tell you to install an email server that's a different story.
Chris Berry compjma () hotmail com Systems Administrator JM Associates "Encrypt everything, and ask questions later." _________________________________________________________________Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
--------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare.Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Current thread:
- Re: Ten least secure programs Patrick Boucher (Jul 02)
- <Possible follow-ups>
- RE: Ten least secure programs Paul Kurczaba (Jul 02)
- Re: Ten least secure programs Chris Berry (Jul 02)
- Re: Ten least secure programs Roger A. Grimes (Jul 02)
- Re: Ten least secure programs compguruman (Jul 02)
- Re: Ten least secure programs Chris Berry (Jul 02)
- Re: Ten least secure programs Chris Berry (Jul 02)
- Re: Ten least secure programs Richard Bennett (Jul 02)
- Re: Ten least secure programs Mitch Pirtle (Jul 02)
- Re: Ten least secure programs vh (Jul 02)
- RE: Ten least secure programs Depp, Dennis M. (Jul 02)
- RE: Ten least secure programs Chris Alliey (Jul 02)
- RE: Ten least secure programs Graham, Randy (RAW) (Jul 02)
(Thread continues...)