|
From: Walden H. Leverich I was going to let this thread go... Really I was. But since you make a point of saying you're referring to SERVER windows, let's look again at your example of how bad Windows is:
Hey, Walden, have you apologized to the iSeries team about your remarks about the password "security issue"? I didn't think so. Just putting your comments in perspective.
Of the 10 vulnerabilities on the SANS site: The 1st applies to W2KSP4 and XPSP2. So unless you're running a 6-year old OS version who cares. And IF you do care, since it's an RPC request why would you be allowing those against your server anyway.
I know tons of shops still running these versions, Walden.
The 2nd refers to a string passed to the MessageBox function. So, unless you're downloading stuff from the web, or reading email, ON YOUR SERVER who cares!
And how do you get patches onto your server, Walden? Do you think everyone who runs a server actually downloads to a separate machine and then copies the files to the server? I know companies who do, of course, but that's because they realize how porous Windows is. But the fact is that WINDOWS SERVER SHIPS WITH IE, AND SO PEOPLE USE IT.
The 3rd refers to a problem on the MAC! This has what to do w/windows?
C'mon, Walden, I pointed this out. In fact, I pointed out that it's funny that Microsoft "accidentally" released a patch that breaks Macs.
The 4th, 5th, 6th & 10th are Office issues. Why would you run office on a SERVER?
It depends what you use your server for. I can think of plenty of reasons where you might use Word or Excel to do batch processing of documents. But In general, you're probably correct that these are less likely.
The 7th refers to an issue in a 6 year old OS. Still running W2K? OK, still running V4R2?
I have a box still running W2K, Walden. Hell, I have clients still running W98. One just got off of W95. And yes, there are lots of boxes still running V4R5 and below. And because they're NOT running Windows, they don't have these problems!
The 8th refers to a problem that would occur in a client app -- again, why on a server? The 9th refers to a problem in XP -- again, not a server issue.
I agree here, these are pretty low priority issues.
So.... Bottom line, NOT A SINGLE ONE of these issue is even an issue on a current Windows server. Joe, try again.
That really depends on what you mean by current. If you means within the last year or so, you're probably correct. But that means I need to upgrade my server to a new version of the operating system every time Windows comes out with a new one, which is a completely different subject. How many Windows boxes will continue to run software that is running today on Windows 2003 without a modification when they upgrade to Vista? My guess is damned few. Whereas I know of very few changes that have been required for people upgrading from as far back as I can remember on OS/400. But that's a different subject for a different day. Your point is that a IF you have the latest operating system and IF you have all the latest patches and IF you don't use any Microsoft applications like IE or OFFICE, then your Windows server is pretty secure. Okay, I guess I can buy that. But even then it's not as secure as the iSeries, especially if you fire up IIS. Oh yeah, that's another one of those Microsoft applications, probably don't want to use that either. Happy New Year to you, too! Joe
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
