Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Microsoft Webserver the most secure on the market

  1. #11
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    Originally posted here by Tiger Shark
    The chap at the danish site is absolutely correct. If fact I have an IIS5/Win2k box at home that is impenetrable...... Course I wouldn't dare connect it to the internet unless I switched it off first..... (and no..... The NIC does not support "wake-up over LAN")

    Wrong...technically someone could break into your house and have access to your computer, right? You have to make sure EVERY aspect of security is taken into account. The deeper you get into it, the more potential risks you will find. So NEVER say something is impossible. However, if you re-phrased it and said "nearly impenetrable" that might be true

  2. #12
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    You never met Emma and Hank?

    Emma is 95 pounds of pure bred German Shepherd from working stock. Hank is 80 pounds of pure bred German Shepherd from champion stock including being a direct descendant of a line of Schutzhund III champions, (schutzhund training is the ultimate training for German shepherds - it culminates at level III which is attack training where the dog _must_ attack on command and in certain circumstances should decide to protect the owner regardless of whether commands are given. They are required to "....bite, and bite hard..." as part of their evaluation yet they must also be docile and friendly despite any aggravation they might get from kids etc. Truly remarkable animals - The NJ police began using them about 10 years ago and cannot sing the praises highly enough)...... They have complete freedom of the house and all interior doors are left open. Wanna come play.......

    Seriously, though your point is correct and well taken - I only said in a post the other day that security is not one dimensional and that it has more then the three dimensions we are used to making it more difficult to comprehend and effect fully.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #13
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    lmao...I also have a German Shepherd, and they truly are the greatest animals. Extremely intelligent and amazingly gentle, unless the circumstance requires otherwise.

    If I come to your house, I now have enough knowledge that I will need to come up with another tactic, perhaps a tranquilizer gun....You would have been better of not telling me that

  4. #14
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Unfortunately, you will not need the traquilizer gun. I was actually talking a little bit of history. We had to put Hank down 2 1/2 years ago after many years of problems at the age of nine and Emma had to be put down a year later when she could no longer walk, aged 14. They truly are the best dogs without doubt. I do keep the sign on the back gate though. It has the silhouettes of 2 German Shepherds and the inscription "We can reach the fence in 3 seconds, can you"? It keeps most people out......

    But I believe we are wandering off topic..........

    Now I've blown my security, (or lack of it), allow me to rephrase.....

    I have a win2k/IIS5 box at home that is impenetrable IF people don't go breaking into my house...... Better?
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #15
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    perhaps someone has come up with a method to detect, read and decipher electromagnetic signals generated by your computer from a distance.

    OK...I'll stop now

  6. #16
    You know, who's to say this is not just some ploy to learn as he watches log files zip by? Wouldn't you like to attract the most intelligent intruders in a situation like he's set up? Why not say your machine's unhackable??? That will attract more people to try to break it! IMHO I don't think this person's bragging just to brag... I think it's bait to catch some knowledge.
    Analog = Classical
    Digital = Techno

  7. #17
    Junior Member
    Join Date
    Oct 2002
    Posts
    17

    Talking I Agree.....

    He just Seem to be just that type of Elitist .. who wishes he knew more than he really does....


    LOL- hehe

  8. #18
    Junior Member
    Join Date
    Nov 2002
    Posts
    10

    Talking Walking the fence, both sides have merit

    [OK - this is my virgin post on Anti Online so go easy with me...]

    I think in the case of Internet Information Server 5.5 (don't even bother with previous versions - they're obviously swiss cheese and undisputed as such I imagine) you have to look at this in the "marketing vs. security" light. As we all (should) know, installing IIS in the normal Microsoft fashion performs the kitchen-sink install, turning on a ton of features that aren't needed.

    It's really quite silly, considering that the "features" that are least often used are the very features that I'm sure some security guy in Microsoft suggested in a meeting at some point not be enabled by default - only to get a sound trouncing by someone in marketing holding the ace of spades to his queen of hearts. Silly stuff like the handful of ISAPI filters that don't need to be mapped are a good example. Less than 1% of the folks using IIS need this stuff. Were they to be unmapped in the default install, Microsoft would be better served in doing the one thing they've been terribly unsuccessful at thus far - mitigating bad press.

    Given Mr. Gates' cry for more security in his organization, I expect we will see some serious changes to the default installation schemes in .Net and/or whatever other versions of Windows are coming down the pipeline. This will certainly be an indication as to whether or not Bill is _serious_ about security. If the default install changes - and they start requiring an administrator of an IIS machine to know how to turn on (as well as off I guess in this case) those features that are needed, we'll know he was serious. If things don't change, we'll know that Microsoft is first and foremost a marketing company. (Which currently stands as the truth IMHO.)

    I certainly agree that any fool who says "I've got product XYZ over on IP address x.x.x.x and it is utterly un-hackable!" deserves to wind up on the front page of the trade rags in full regalia with their pants down around their ankles. Alas, I don't believe this is what was said in the original article. The statement made was (to paraphrase) "you can make it as secure as you care to". This means that some form of intellect other than "click the Yes or OK button" is involved.

    Personally, I'm a huge fan of Open Source. I use a lot of Linux, OpenBSD, Apache, and a host of other open source releases. I also admin Windows by day, which helps me keep up with my two most favorite past times - living indoors and eating. I've used both, made both secure, and seen both hacked to hell in a handbasket as well.

    Cheers,
    Kyrka

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •