[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Re: Microsoft Security? Real LANs

Random Letters said....

<snip>
1. Home users - don't have adequate protection and get turned into zombies.
They then bombard us. OK - this is dealt with by an externally facing
firewall but see #2 below.

2. Office workers with laptops or VPN connections to the internal LAN - get
'infected' (see #1 above) and then connect to the internal LAN. They then
bombard any newly set-up PC before we get a chance to patch it. BTW you
still have to connect to a network if you have a SUS or SMS server.
</snip>

By saying see #1 above you are comparing a corporate laptop to a home
computer? Or are you suggesting that sysadmins should allow remote users to
come in from any phone line/IP and or public computer. The thought of
allowing machines that do not belong to the company on the internal network
does seem like suicide.


No, but people do use their laptops outside the office. It can be quicker to get infected than get either Windows or virus updates. When they bring their laptop onto the LAN (either through VPN or physically) then they are an internal source of infection that an external firewall can't filter. (Sh)It happens.


<snip>
The "need to patch before I put it on the network" / "need to put it on the
network to get the patches" IS a real problem for many sysadmins.
</snip>

Why? They must not be keeping there install images up to date.


Guilty as charged. I do have other tasks to perform. :)

-----------------------------------------------
If you're happy and you know it clap your hands
-----------------------------------------------
  Does HoTMaiL come with a spell checker?

_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html