- TalkBack 3 of 3:
- « Previous
- Thread View
- Flat View
- MS should stop "enabling" things
-
Microsoft could prevent a lot of these vulnerabilities from becoming a significant problem quite simply. If the default install mode of each networkable Windows feature was to be "Disabled", and network admins were expected to enable the things they needed, then things would be much safer. This way, for any given Windows function, only a subset of the world's computers would be exposed to the danger.
But the way it is, network admins and home users are expected to patch all kinds of things they don't use, because they're vulnerable AND enabled. If they were disabled by default, many virus and worm writers wouldn't even bother writing anything because of the "small audience" problem. (If the vulnerable PCs are rare enough, the worm or virus won't even spread.)
Let's face it, the vulnerability that MSBlaster exploited is in a relatively rarely used facility, RPC. Imagine if MS had set the default for it to "Disabled" or "Not Installed". That would have very easily prevented the whole mess.
(There was no way for me to load the patch on our PCs quickly enough. When I read that it was transmitted via TFTP.EXE, I decided to replace TFTP.EXE with a dud EXE file we wrote in Delphi that tells the user to call the HelpDesk. So I overwrote TFTP.EXE with that file via the login script. It would pop up whenever a PC was attacked, and when users stopped calling, I knew we had obliterated it.)
Overall, I spend a lot of my time learning how to disable or lobotomize Windows functions we don't use, and it has protected us many times. But there are an endless list, and you can't learn enough about them all in order to gain enough control.
- netminder - Posted by: netminder Posted on: 12/20/04 You are currently: a Guest | Members login | Terms of Use
Is it worth it
camplou | 03/20/04
|
|
MS Patches
richandbarb@... | 12/20/04
|
MS should stop "enabling" things
netminder | 12/20/04
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Server Consolidation and Containment With Virtual Infrastructure VMware To meet the constant demand to deploy, maintain and grow a broad array of ... Download Now
- VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
- Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Save time with automated shipping solutions
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Visit the UPS Business Essentials Guide
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer >>
- Total Economic Impact of SQL Server 2008 Upgrade
-
Read the whitepaper to find out specific cost savings and efficiencies that your company could achieve.
- Click to download >>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
