Security Basics mailing list archives
RE: Remote Desktop vs VPN on Windows 2003
From: "Roger A. Grimes" <roger () banneretcs com>
Date: Wed, 19 Jan 2005 17:13:21 -0500
Quote from Charles Babbage, guy who invented the first computing machine: "...Propose to a man any principle, or an instrument, however admirable, and you will observe the whole effort is directed to find a difficulty, a defect, or an impossibility in it. If you speak to him of a machine for peeling a potato, he will pronounce it impossible: if you peel a potato with it before his eyes, he will declare it useless, because it will not slice a pineapple."

-----Original Message-----
From: Conlan Adams [mailto:conlan () mebtc org]
Sent: Wednesday, January 19, 2005 5:00 PM
To: Roger A. Grimes; security-basics () securityfocus com
Subject: RE: Remote Desktop vs VPN on Windows 2003

> If Bank of America would have changed their default SQL port to anything else, they would have never been touched by Slammer, suffered the embarrassment, and had executives asking for accountability. One port change and the victims would have been heroes in their boss' eyes.

You miss a major point in this... No matter what you do you're NEVER a hero.

> Custom code would have to add...what???...:1435 (five characters) to prevent every SQL scanning worm in existence.

Thing is, a five character code change, that breaks interaction with other existing software in a company with thousands of interacting programs, used by hundreds of thousands of employees, totaling millions of lines of code that could be referencing these apps, and you want to change five characters?!?! Even if you ignore the programming and interaction, think about the documentation and training headaches! Sounds like your boss just told you to look for a new job.

Conlan Adams

-----Original Message-----
From: Roger A. Grimes [mailto:roger () banneretcs com]
Sent: Tuesday, January 18, 2005 10:25 PM
To: Danny Puckett; security-basics () securityfocus com
Subject: RE: Remote Desktop vs VPN on Windows 2003

If Bank of America would have changed their default SQL port to anything else, they would have never been touched by Slammer, suffered the embarrassment, and had executives asking for accountability. One port change and the victims would have been heroes in their boss' eyes.