http://www.esnips.com/doc/77f2f674-d359-4811-82df-01536c43a914/XP-CRASH interesting song regarding xp
On Wed, Jan 21, 2009 at 5:46 AM, Gary Brown <[email protected]> wrote: > That is a tall order. Especially when your target audience is admin's with > no formal training, of which there are more and more every day. > > It all comes down to education which, in any form (formal or self learning) > is time consuming. I think most of us will pursue our goal, say opening an > FTP site on a home PC, only as far as it takes to get it working. There are > plenty of tutorial sites on the internet that will show you an incomplete > solution. They may have a warning or two but they may not. That, coupled > with the "it can't happen to me" frame of mind, makes for a situation where > the warnings may be ignored anyway. > > I'm really not sure if there is an answer to your question that could be > implemented. Of course if you could rewrite the internet... :) > > ----- Original Message ----- > From: chris yarger > To: [email protected] > Sent: Tuesday, January 20, 2009 9:28 PM > Subject: Re: Yet another reason to stay away from Windows > how can we be of help to the average ignorant windows admin? to keep them > from opening such vulnerabilities unknowingly? > > On Tue, Jan 20, 2009 at 9:20 PM, Gary Brown <[email protected]> wrote: >> >> I can attest to the anonymous FTP blunder first hand. About 4 years ago a >> Win XP box became a SPAM generator for about 9 hours. I learned my lesson >> though. I lock down everything now. >> >> Speaking from experience, Linux makes it harder for average users to >> expose the system because you have to learn how to make the services >> available (by reading a lot material) and in the process you become aware of >> the dangers whereas Windows makes it easier to stumble through making >> services available without learning anything in the process. >> >> >> ----- Original Message ----- From: "Kevin Thorley" <[email protected]> >> To: <[email protected]> >> Sent: Tuesday, January 20, 2009 1:16 PM >> Subject: Re: Yet another reason to stay away from Windows >> >> >>> On Tue, Jan 20, 2009 at 1:04 PM, chris yarger <[email protected]> wrote: >>>> >>>> With things like this happening in windows why not keep to linux? >>>> >>>> http://www.theregister.co.uk/2009/01/20/sheffield_conficker/ >>>> and >>>> http://www.theregister.co.uk/2009/01/20/mod_malware_still_going_strong/ >>> >>> Or, why not at least hire a competent IT staff. In both of these >>> cases, it seems to be a problem with either IT security policy or >>> implementation. I have had two Linux servers compromised in the past >>> 10 years. One was due to foolishly allowing (or failing to not allow) >>> anonymous ftp. That resulted in a rootkit and a fresh install of the >>> OS as a fix. The other compromise was due to a user whose password >>> was the same as their username. The onsite admin (really customer >>> service rep who knows how to log in to the server to do simple tasks) >>> had set the password from the root account. The result was that the >>> server then became an IRC server for connections from Romania, among >>> other things. >>> >>> Poor IT is poor IT, regardless of the OS >>> > >
