> ----- Original Message ----- > From: morning_wood > To: Jay Sulzberger ; Neil McKellar > Cc: [EMAIL PROTECTED] ; Jay Sulzberger > Sent: Friday, July 18, 2003 7:08 AM > Subject: Re: [Full-Disclosure] Odd Behavior - Windows Messenger Service
> once again Jay, Bravo Bravo Bravo > damn, you just may be the only one who gets the point of my post > or do we need to wade through 20 more ppl telling me how to secure a system > or how services act or initialize. > ( and at that they have no concept of my particular topology.. and > furthermore can only see fit to blast away completly missing the target and > shooting themselves in the foot thats squarley stuck in thier mouths.. > hint: take off the white hat so you can see 2 feet beyond your certs and > books) Don't forget my post of last week. Microsoft dont quite AGREE that it should or shouldnt happen that the machine has contact with the network before the human is ready to do so but they DID agree to put in an option in the next SP/full Windows, that network connections do NOT happen until logon. In other words, this whole issue may become a moot point when that release happens. Without assaulting people reading this - or even attempting to do so - with why I think they are wrong when they disagree this is a bad thing, I just have to remind the readers, here, that they restrict access to certain ports for certain users, watch out for trojans and spyware, worry about things such as keyloggers running through their work and home lans that may be watching the important and necessarily protected data on their lan clients. Why bother securing ANY data at all when a machine that may already be infected and attempting to mass infect the lan clients and/or contact internet before the user can properly use it may be completely stuffing your site and/or reporting sensitive data through the middle of your firewall? Greg. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
