> How many of your servers have open, externally accessible > MS-SQL ports? Maybe you should go open your MS-SQL box to the > world because you certainly wouldn't be an idiot to keep it > open, right? > > Ignoring *fundamental* security issues is at best, negligent. > Ignoring know, common, dangerous, documented, publicized > security issues seems to me to count as "idiotic" but you can > call it "poor practice", "negligent", "a mistake" or some > other less offensive word if you need to.
I think you're missing my point. My servers are adequately secure because it's my job to know how to secure them. But if you install any number of third-party products that contain MSDE onto your desktop, are you an idiot for (a) not being a network administrator, or (b) not being aware of database server security? I would argue that the onus for security of desktop applications is largely the responsibility of the creators of said applications. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:196985 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
