Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Apologist Apologizes for Microsoft

Posted by ryuzaki0 on from the calling-it-like-it-is dept.

hillbilly1980 writes "Internet Week has published a counter article in response to the number of anti-monoculture security papers recently published. Unfortunately the author starts out by writing off the other papers as simply anti-Microsoft, unfortunate because his paper never gets past being more then just pro-Microsoft. One of his suggestions to secure your enterprise... turn off port 80." Probably the best thing to do to prevent disinformation from entering your company is to block articles by Rob Enderle. Update: 10/11 00:54 GMT by M : Note for the record that the original version of the article referred to blocking port 80; the article has now been edited to refer to port 135.

11 of 446 comments (clear)

  1. Bah! by Plix · · Score: 4, Funny

    One of his suggestions to secure your enterprise... turn off port 80

    That's nothing. To be *really* secure I just don't even turn my computer on!

    1. Re:Bah! by CyberVenom · · Score: 3, Funny

      Unfortunately your computer wakes up as soon as I send a packet because you forgot to turn off the Wake-on-LAN feature of your integrated NIC.

  2. Turning off port 80. by FatCobra · · Score: 3, Funny

    Yeah lets all turn off port 80; its like having e-business without the "e"!

    --
    -On ones tombstone there will be 2 dates, Make the dash between them count!
  3. He seems to be suggesting by kfg · · Score: 2, Funny

    that if I'd kept 30% of my infrastructure running Microsoft software for compatability reasons I should just go ahead and ditch it all?

    Or am I just reading that wrong?

    KFG

  4. Re:Michael is a hippie. by An+Onerous+Coward · · Score: 4, Funny

    The last time one of Rob Enderle's stories hit Slashdot, I went and did some googling around. An hour later, I had absolutely no evidence that the set of analysts comprising the Enderle group was any larger than the set composing Rob Enderle himself.

    He probably has a stuffed penguin as a technical advisor, and I'd also bet that his technical advisor frequently gets pins stuck in him.

    --

    You want the truthiness? You can't handle the truthiness!

  5. Real Security by Newsome · · Score: 2, Funny

    That won't really do either. If you want a real secure computer, here is a nice howto.

    --
    http://www.tuxrocks.com/
  6. Re:port 135, not port 80 by Cipster · · Score: 2, Funny

    They listened to him and turned off port 80....

  7. Re:Funny by Brandybuck · · Score: 2, Funny

    Or you could just make sure everything is off. I don't know how much more simple you can get. Of course, you do need a little bit of education to know how to tell that you really do have everything off, but it's still a heck of a lot simpler than learning assembler.

    Oh! We're talking about Windows. Maybe learning assembler is easier...

    --
    Don't blame me, I didn't vote for either of them!
  8. Of course by Pan+T.+Hose · · Score: 2, Funny

    Or you could just make sure everything is off. I don't know how much more simple you can get. Of course, you do need a little bit of education to know how to tell that you really do have everything off, but it's still a heck of a lot simpler than learning assembler.

    Great idea. Let me make sure everything is off in my lab. Let me also ask management of my institute to file for bankruptcy while I am at it. I am sure they will thank me for making our network absolutely safe.

    --
    Sincerely,
    Pan Tarhei Hosé, PhD.
    "Homo sum et cogito ergo odi profanum vulgus et libido."
  9. Good point by Pan+T.+Hose · · Score: 2, Funny

    You mention quite a few very important but frequently underestimated issues here. The network where I work is constantly being monitored and we know that firewalls and IDSs need to work both ways. I think that the prosecution one of our workers who was downloading pornography using our network (the poor bastard thought des encrypted icmp echo reply payload was a good "covert channel" -- not when I am in charge) will face in few weeks pretty much speaks for itself.

    --
    Sincerely,
    Pan Tarhei Hosé, PhD.
    "Homo sum et cogito ergo odi profanum vulgus et libido."
  10. Re:Funny by Geek+of+Tech · · Score: 2, Funny
    > It may be funny, but sadly some people do really think that firewalling port 80 (or 8080, or 21, or 20, or 22, or 443 -- et cetera, ad nonsensum) is the answer indeed. Some people may be surprised (not Slashdot readers though, mind you) but there simply is no simple answer. There is no working snake oil. The buzzword of the week alone will not save you. What are my answers then? Simple. Read Security Focus. Read Crypto-Gram. Read Phrack. Read the underground IRC discussions. Read encrypted Usenet posts. Read the articles posted on Freenet. Read the books for god's sake! Read about systems. Read about networking protocols. Read about cryptography. Read about cryptanalysis. Employ honeypots in every network. Learn C. Learn Assembly (Intel as well as AT&T syntax, for different CPU architectures). Learn executable binary formats. Learn how to see polymorphic shellcodes in network packets hex dump, just looking at tcpdump output scroling on your terminal. Learn how to speak different protocols (http, smtp, pop3, etc.) with netcat, then making your own tcp packets, then your own hand-made ip packets, then ethernet, ppp and slip. Learn. Read. Then learn some more. Read. Read. Read. And learn the one most important thing: security is not easy. When everything fails, you are on your own.

    Great idea! After I get done with that, I think I'll teach the users the difference between real error messages and banner ads.....

    --
    Stop the Slashdot effect! Don't read the articles!