Because, having worked with hundreds of windows machines over a decade...

November 07, 2007 03:49AM
The situation you describe isn't anything I've ever witnessed (ever). I'd have to see what the SANS institute did in their "study" to come up with those figures, because they don't even come close to mirroring reality. I have a feeling it was something like actively attack the computer with a method that was known to be successful with a computer that wasn't patched. 174 minutes sounds like a brute force attack on a basic password. If FTP is on you can quite easily brute force the password due to how FTP works, but any operating system is vulnerable to that same attack. <br> <br>Interestingly enough the securing mechanism for IIS are eerily similiar to the ones for Apache/etc. IE, keep it patched and don't write stupidly vulnerable software that does stuff like directly read fields into database queries and such. Likewise, don't give the account executing when users visit admin rights, etc. Common sense stuff really. One of my co-workers who came from the NSA said the major difference between XP/FreeBSD in terms of security was the ability to spoof the IP table, which is fixed in Vista. Certain applications like Firefox & IE are vulnerable to attacks where the 3rd party libraries they use to render JPEG's and such are poorly written. All in all though, assuming a patched system, the biggest contributor to insecurity is the person using the computer.
Subject Author Views Posted

Getting a server accessible on the internet

Leprechaun 1589 November 03, 2007 03:42AM

Port Forwarding and ISP restrictions

Rade 1041 November 03, 2007 04:18AM

Oh, also

Rade 1033 November 03, 2007 04:21AM

None taken :)

Leprechaun 1000 November 03, 2007 05:21AM

Statistically speaking...

Rade 1015 November 03, 2007 05:59AM

Yeah me too

Leprechaun 981 November 03, 2007 04:28PM

That's not even vaguely true but ok.

Death_Claw 1038 November 06, 2007 04:23AM

The SANS Institute disagrees with you

Rade 1089 November 06, 2007 04:33PM

Because, having worked with hundreds of windows machines over a decade...

Death_Claw 1057 November 07, 2007 03:49AM

Install Bitdefender, its $60, then use port forwarding.

Death_Claw 1037 November 06, 2007 04:34AM



Sorry, only registered users may post in this forum.

Click here to login