One can only hope that MS takes the engineers off of Passport and the like
and puts them onto IntelliPatch for Windows Networks. The automation
intrinsic to the OS as it currently exists is IMHO like a toe on the
trigger. We'll happily keep typing in our multitude of IDs and passwords
(and keeping our credit card numbers in our LEATHER wallets, thank you very
much) while they teach the OS to defend itself, rather than self-mutilate.
-----Original Message-----
From: John Hornbuckle [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 12:08 PM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda
I didn't say that.
What I said was that the person at Microsoft who was responsible for
maintaining such a high-profile Web site should be fired if they failed
to keep that site up-to-date. Not having properly-patched servers is a
terrible embarrassment for Microsoft (assuming that this is how NIMDA
got through the gate).
And let me turn your question around... Should there be no
accountability? Should everyone who failed to maintain proper security
be patted on the back and told they're doing a good job? Aren't we
supposed to be professionals? Aren't we paid to do our best to prevent
this sort of thing from happening?
We all screw up sometimes. I'm certainly not perfect myself, and I don't
expect anyone else to be. What I *do* expect is that system
administrators will take reasonable measures to ensure the security of
their systems. I don't think it's unrealistic for the world to be able
to rely on us to do our best to ensure that our servers don't get
infected by a worm that exploits a vulnerability that was identified a
year ago (the web server folder traversal issue was first addressed in
MS00-057 in August of 2000).
________________
John Hornbuckle
Network Manager
Taylor County School District
318 North Clark Street
Perry, FL 32347
-----Original Message-----
From: Martin Blackstone [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 11:52 AM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda
So everyone who got Nimda should be fired?
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
