-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [EMAIL PROTECTED]: > How is it that some sysadmins can manage security, can just get on and > get the job done, and some others have to bitch and moan and show > their appalling ignorance of the wealth of tools available to them - > many provided by Microsoft. > > The site I secure has never been hacked since I arrived four years > ago. It is always kept up to date with patches - within hours of them > becoming available.
Hi Bob, So, your site has never been compromised? You /absolutely/ sure about that? :) </tongue in cheek> I have to say your rapid patch deployment policy rather frightens me. I wouldn't even consider rolling out patches without rigourous testing. Keep in mind, though, that I've had workstations completely hosed by patches (I believe one of the worst was an innocent-seeming upgrade from IE 4 -> 5, but don't hold me to that). Personally, I think Microsoft is doing a tolerable job on the patch management front. SUS is nice but needs significant work -- the absence of logging, for example, is a huge omission. Rumours were it was supposed to be implemented in SUS 2.0? Cael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) iD8DBQFAWiF6R2vQ2HfQHfsRAjddAKDTPcoitkS/IXuhN6ileDELwzDntACeI3OB hNNQkQGq56Ao2z0hFTeH6QM= =aRJS -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
