Should ISPs control what applications their customers can run?
frankly and truly, i would be satisfied if isp's wouldn't run outlook/exchange
in their noc/abuse departments, so that they could safely accept mime-mail
rather than bouncing it as their only means of keeping themselves virus-free.
On Mon, 16 Jun 2003, Paul Vixie wrote:
Should ISPs control what applications their customers can run?
frankly and truly, i would be satisfied if isp's wouldn't run outlook/exchange
in their noc/abuse departments, so that they could safely accept mime-mail
rather than bouncing it as their
why can't multibillion dollar companies figure that out? it does mystify
me :)
The only lame excuses I can come up with are possibly:
laziness, stupidity, ignorance, complacency, fear of non-compliance (but
I think that's a stretch) and perhaps the raccoon mentality of 'it's new
and shiny - I
therefore
3) why would anyone ever run outlook
i love outlook2003. no joke, i use it every day. whenever i get an
attachment that seems reasonable and i need to open it, i put it in the
folder that outlook can see, and i read it. i also share a calendar (in
three directions) using
the thing that actually burns my hash, is when my spam
complaints or noc correspondance are robotically bounced because they
contain dangerous mime attachments of type message/rfc822 (spam
examples) or text/plain (traceroute or tcpdump output). if your noc
or abusedesk has such a robot
On Mon, Jun 16, 2003 at 03:43:41PM +0100, Brandon Butterworth wrote:
the thing that actually burns my hash, is when my spam
complaints or noc correspondance are robotically bounced because they
contain dangerous mime attachments of type message/rfc822 (spam
examples) or text/plain
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Brandon Butterworth
Or they may be happy thinking their NOC is more 0day virus proof rather
than hoping a 3rd party will update their scanner in time
Who'd want to risk the NOC falling to the same
On Mon, 16 Jun 2003, Paul Vixie wrote:
therefore
3) why would anyone ever run outlook
i love outlook2003. no joke, i use it every day. whenever i get an
attachment that seems reasonable and i need to open it, i put it in the
folder that outlook can see, and i read it. i also share
I think pauls point may be:
If they use text based mailers
I know, intrinsically safe is good but that's not what managment
wants so you end up with bodges to make their choices safer. Some
people may go too far
It's a lot harder to open up a microsoft executable on a *nix
[EMAIL PROTECTED] (Brandon Butterworth) writes:
I think pauls point may be:
If they use text based mailers
text based is not what i'd require. professional grade is the right term.
that can be anything from xmh to eudora as long as it was written to stand
up to the worst the
Christopher L. Morrow wrote:
yea, if my sister in-law (who barely knows what 'computer' means most
times) can come to the conclusion that:
1) all email viruses of note are outlook targetted
2) everyone with outlook gets viruses
therefore
3) why would anyone ever run outlook
why can't
Paul Vixie wrote:
text based is not what i'd require. professional grade is the right term.
that can be anything from xmh to eudora as long as it was written to stand
up to the worst the internet is capable of delivering to it. text based is
my own preferred crutch but you don't need text based
As far as I could tell, the vector was AOL IM. So, it's not only M$
and outlook. Why oh why are vendors shipping with defaults like no
restrictions on buddy downloads and execution?
Hiya,
The same reason why some linux installs were/are totaly open:
They wanted it to work outta the box.
On Sat, 14 Jun 2003, Randy Bush wrote:
so where is the authoritative web site
http://make-your-stinkin-windoze-system-safe.clue
to which we can point all our friends (and use to lock down
our kids' machines/sites)?
How could you have missed Dewie the Internet Security Turtle?
warning: there are no IOS configuration commands in this thread. hit D now.
�
[EMAIL PROTECTED] (Sean Donelan) writes:
However, in a country where VCR's still flash 12:00, users are not
going to read the manual or a web site or anything else. Despite
liking to pick on Microsoft, as soon as
On Fri, 13 Jun 2003 [EMAIL PROTECTED] wrote:
The last time this topic came up, it was suggested by others that either
trojan or virus software was installing/creating open proxies. I wrote
that off as people being overly paranoid. I'm sorry to say that I now
know this to be true and have
According to a study by America Online, 89% of the computers with
broadband connections are not safely configured. 91% of the computers had
what AOL categorized as spyware installed. In reality, the connection
method isn't the determining factor.
RB Date: Sat, 14 Jun 2003 21:59:29 -0700
RB From: Randy Bush
RB so where is the authoritative web site
RB
RBhttp://make-your-stinkin-windoze-system-safe.clue
Plenty of *ix idiots running vulnerable systems and servers,
too. Follow a Cobalt mailing list and live in fear.
RB to which we
so where is the authoritative web site
http://make-your-stinkin-windoze-system-safe.clue
Plenty of *ix idiots running vulnerable systems and servers,
too. Follow a Cobalt mailing list and live in fear.
for which there are system-specific sites telling you how to
lock it down, e.g., as
http://www.nsa.gov/snac/win2k/download.htm
http://www.arstechnica.com/tweak/win2k/security/begin-1.html
might be places to start
john brown
On Sat, Jun 14, 2003 at 10:22:50PM -0700, Randy Bush wrote:
so where is the authoritative web site
hope randy doesn't mind the xlate from private post to list post
http://www.nsa.gov/snac/winxp/guides/wxp-1.pdf
http://www.giac.org/practical/GSEC/Trevor_Cuthbert_GSEC.pdf
http://www.microsoft.com/windowsxp/pro/using/itpro/default.asp#section6
john brown
On Sat, Jun 14, 2003 at 10:28:42PM
http://www.nsa.gov/snac/winxp/guides/wxp-1.pdf
http://www.giac.org/practical/GSEC/Trevor_Cuthbert_GSEC.pdf
http://www.microsoft.com/windowsxp/pro/using/itpro/default.asp#section6
cool. thanks. in a side conversation, a friend from redmond says
http://www.microsoft.com/security/
Has links
Hey gang,
Some ISPs, such as RR, appear to be implementing
what I personally would consider quite aggressive approaches to guarding their
network by implementing "proactive" scanning of non-customers, similar
to what's described at
http://security.rr.com/probing.htm
In this
On Fri, 13 Jun 2003, Kuhtz, Christian wrote:
Some ISPs, such as RR, appear to be implementing what I personally would
consider quite aggressive approaches to guarding their network by
implementing proactive scanning of non-customers, similar to what's
described at
24 matches
Mail list logo
