Re: [CGUYS] Apple Issues Patches for 25 Security Holes
Or you could just edit the registry to disable remote access as noted in the workaround section of the KB article. Takes about 2 minutes a server. Nah, better to panic. -Original Message- The biggest threats to Macs (and all of us) right now is the Microsoft DNS vulnerability. Unfortunately, many Mac users work in environments where the local DNS is on a Microsoft server. The problem is that the Microsoft DNS can be remotely attacked and loaded with bogus addresses. Thus you type in the URL of a site you trust and you get routed to a look-alike phishing site. This is very serious and is currently happening. I don't see that Microsoft has issued a patch. Best solution for now is to change your DNS settings to use a trusted UNIX DNS server. * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived
Re: [CGUYS] Apple Issues Patches for 25 Security Holes
Or you could just edit the registry to disable remote access as noted in the workaround section of the KB article. Takes about 2 minutes a server. Nah, better to panic. In my experience nothing will strike panic into the hearts of IT managers like the prospect of getting their big butts out of their chairs. Disable remote access you have got to be kidding. It won't be done. Anyone who relies on it getting done is asking for trouble. It is much safer to switch to a reliable DNS. Perhaps we need a way to cross check the results from multiple DNS servers? If one were polluted the inconsistent results would be a tip off that something is wrong. * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived
Re: [CGUYS] Apple Issues Patches for 25 Security Holes
Again, I keep wondering where you meet these guys? Are you loitering around best buy and figure the geeksquad guys are IT managers? I've met many IT managers, and their staff, never have I met these caricatures you describe. Mike On 4/21/07, Tom Piwowar [EMAIL PROTECTED] wrote: Or you could just edit the registry to disable remote access as noted in the workaround section of the KB article. Takes about 2 minutes a server. Nah, better to panic. In my experience nothing will strike panic into the hearts of IT managers like the prospect of getting their big butts out of their chairs. Disable remote access you have got to be kidding. It won't be done. Anyone who relies on it getting done is asking for trouble. It is much safer to switch to a reliable DNS. Perhaps we need a way to cross check the results from multiple DNS servers? If one were polluted the inconsistent results would be a tip off that something is wrong. * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived
Re: [CGUYS] Apple Issues Patches for 25 Security Holes
Again, I keep wondering where you meet these guys? Are you loitering around best buy and figure the geeksquad guys are IT managers? I've met many IT managers, and their staff, never have I met these caricatures you describe. We had this discussion here a few months ago (and I mostly stayed out of it). There were plenty of first-hand accounts of IT mis-management and resolute refusal to see anything amiss on your side of the aisle. Sort of like watching the White House defend Bolton, Gonzales, Wolfowitz, et al.. * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived
Re: [CGUYS] Apple Issues Patches for 25 Security Holes
On 4/21/07, mike [EMAIL PROTECTED] wrote: Again, I keep wondering where you meet these guys? Are you loitering around best buy and figure the geeksquad guys are IT managers? I've met many IT managers, and their staff, never have I met these caricatures you describe. Tom is pretty harsh, but the points he make show up pretty commonly. I work with several IT managers who are very conscientious and extremely well qualified technically. Yet they end up trapping themselves into nasty corners. Like migrating to a huge Microsoft environment - Exchange, Windows desktops, SharePoint, Office, IE, etc. If you lead them carefully, they will admit that things don't work the way they would like - in fact, the products Microsoft delivers are incredibly frustrating. But they buy into the Microsoft mantra - easier to hire people familiar with Microsoft, current staff skills, just copying other large companies, etc. In fact, two in particular I know of would love to have a standards-based environment, with lots more open source products that would be easier to maintain. But they would have to work extra hard to find the right support people, those motivated to work with the open source community, etc. And they would have to work hard to convince upper management. So the cost to ramp up would be higher, though the result would be hugely cheaper and easier to maintain and improve. But try proposing paying the IT people more, bringing in those who care about open source, and having ways to outsource some of the support. Maybe it could be done, but ... So, the honest and capable ones know they are stuck in a tough place, and are very frustrated. And, of course, there are plenty of the not-very-competent types out there, that is for sure. -- John DeCarlo, My Views Are My Own * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived
[CGUYS] Apple Issues Patches for 25 Security Holes
From today's Washington Post Apple today released software updates... All told, today's batch fixes some 25 distinct security vulnerabilities http://blog.washingtonpost.com/securityfix/2007/04/apple_updates_plug_25_sec urity_1.html?referrer=emailreferrer=emailreferrer=email Peter Rozanski Orndorff Spaid, Inc. 301-937-5911 * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived
Re: [CGUYS] Apple Issues Patches for 25 Security Holes
I'm having a mental block on that free public DNS that is out there...someone help me out? They have had quite a bit of publicity the last year...sorry can't think of any more info. It's on the tip of my brain...AARRGG! Mike On 4/20/07, Tom Piwowar [EMAIL PROTECTED] wrote: The biggest threats to Macs (and all of us) right now is the Microsoft DNS vulnerability. Unfortunately, many Mac users work in environments where the local DNS is on a Microsoft server. The problem is that the Microsoft DNS can be remotely attacked and loaded with bogus addresses. Thus you type in the URL of a site you trust and you get routed to a look-alike phishing site. This is very serious and is currently happening. I don't see that Microsoft has issued a patch. Best solution for now is to change your DNS settings to use a trusted UNIX DNS server. * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived * == QUICK LIST-COMMAND REFERENCE - Put the following commands in == * == the body of an email send 'em to: [EMAIL PROTECTED] == * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header X-No-Archive: yes will not be archived