Security Basics mailing list archives
Patching
From: Alessandro Bottonelli <abottonelli () libero it>
Date: Mon, 20 Oct 2003 10:12:29 +0200
A thought has been crossing my mind for a long time, I'd like to confront it with the list. In the "old days" a patch and/or fix was defined as "something that closes a known hole and opens ten unknown holes" :-) Yet, literature and common practices keep saying we should maintain our systems and network appliances up to date with the last patches / software releases. WHY should I feel safer that way? How can I tell Rev. 1.3 is any better (security-wise) than Rev. 1.2 ? Is the cost (financial and others) of change management worth it? If so, how can I measure such worthness? Too much caffeine on a rainy Monday morning, in usually sunny Italy? :-) -- Alessandro Bottonelli www.axis-net.it --------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 ----------------------------------------------------------------------------
Current thread:
- Patching Alessandro Bottonelli (Oct 20)
- RE: Patching Raoul Armfield (Oct 20)
- Re: Patching Florian Streck (Oct 20)
- Re: Patching Meritt James (Oct 20)
- RE: Patching Alexander Suhovey (Oct 21)
- Re: Patching Meritt James (Oct 21)
- Re: Patching Meritt James (Oct 20)
- Re: Patching Alessandro Bottonelli (Oct 20)
- Re: Patching Ansgar -59cobalt- Wiechers (Oct 21)
- Re: Patching Alessandro Bottonelli (Oct 21)
- Re: Patching Ansgar -59cobalt- Wiechers (Oct 22)
- RE: Patching Graydon McKee (Oct 22)
- Re: Patching Ansgar -59cobalt- Wiechers (Oct 21)