I'll do this one better. Nimda would not have effected UNPATCHED servers, had proper security techniques been followed.
Nimda required the IUSR_<MachineName> account to have read access into the \WinNT tree. A properly secured server would have that directory (and ALL directories outside Inetpub\www) explicity denied permissions. Then again, we've already determined that this isn't the administrators fault. Roger ------------------------------------------------------ Roger D. Seielstad - MCSE MCT Senior Systems Administrator Peregrine Systems Atlanta, GA http://www.peregrine.com > -----Original Message----- > From: Stephen Mynhier [mailto:[EMAIL PROTECTED]] > Sent: Monday, November 12, 2001 2:13 PM > To: Exchange Discussions > Subject: RE: It's not Microsoft's fault because.... > > > Yeah, it's not like Nimda didn't exploit a vulnerability that > half-decent > admins would have patched after Code Red II or Code Red I. > > Every exploit used by Nimda would have been a completely moot > point if: > 1) Admins would friggin take care of (patch) their servers instead of > blindly blaming the manufacturer for their incompetencies. > 2) Users would learn to click on the Windows Update and take > advantage of > Microsoft's free updates to their software > 3) Lusers would stop saying "I wonder what happens if I click on this > executable that Joe Blow sent me" or lazy admins would properly block > malicious code before it gets to the users > > You want a car analogy? > How about this one: > Why do my doors keep getting dents in them? Stoopud car > manufacturers! > What do you mean that I'm supposed to close my doors before I > drive? The > car manufacturers should do that for me! > > Bottom line is that it's not MS's fault that so many admins > are lazy and so > many lusers are stupid! > > Stephen > > -----Original Message----- > From: Benjamin Scott > To: Exchange Discussions > Sent: 11/12/01 12:00 PM > Subject: RE: It's not Microsoft's fault because.... > > Thankfully, after this latest Nimda fiasco, Microsoft appears to be > waking up to the fact that producing the software equivalent > of a Ford Pinto > is not a practice that instills customer loyalty. > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
