North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: New Computer? Six Steps to Safer Surfing

  • From: Suresh Ramasubramanian
  • Date: Tue Dec 21 01:34:51 2004
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=LbViZ4bVuFzFXPVp8Hp1cfOCyohzmYB+LefRgw7Bfg1isan4lyQqYom6WL9kQEpYzdCFwkzWNS21W/dsllbpNq6bgAu7SfHl332ZkgfmAfC2fz3/jncPhc8kbJk2thAoraK9eqcPa5ZGhXqHww+rvyCWRpbjh6Qheu8tZ5Y1lRs=
On Tue, 21 Dec 2004 06:22:17 +0000 (GMT), Christopher L. Morrow
<[email protected]> wrote:
> there are others of course... it's not the OS that matters in the long
> run, it's the administration of that OS (or so it seems to me, admittedly
> not a sysadmin though, anymore). Sure, initial/default installs might be
> problematic in one/all OS's, but by and large extended lifetimes on a
> live/hostile network means patches must be applied. Seems like that
> doesn't happen by and large.

[waiting for an OpenVMS user to speak up] 

Frankly, from an operational perspective, I guess the only way to go
is to trust the inside of your network even less than you trust the
outside ... and have processes that quickly isolate and block access
from / to compromised hosts till they are fixed.

Modulo various "100% efficient" solutions that I see advertised, we do
need a reliable, and quick reacting, way to do this.

-- 
Suresh Ramasubramanian ([email protected])