The perfect gift for Christmas

re: The perfect gift for Christmas

bradley — Fri, 11 Nov 2005 01:31:00 GMT

The good thing about IE and SP2 is their automatic upgrades as long as you keep in touch things just keep getting better. lets face it the other platforms are just to hard for us simple folk.

re: The perfect gift for Christmas

bradley — Mon, 29 Nov 2004 13:25:00 GMT

Messenger service is disabled in Sp2, there are changes to the OS such that IE is not vulnerable to IFrame [and dude, read the Full disclosure listserve ... all browsers are evil and have unpatched vulns]... I have defense in depth because I 'DON'T' just have a firewall on the "outside", I have it inside as well so I don't have to worry about a SQL slammer anymore on the inside of my network because 1434 is a closed port.

If you just depend on the firewall on the outside [insert any flavor of OS] then you are missing where your real attack surfaces are.

Sorry but XP is "not" buggy and I pushed out via www.shavlik.com sp2 to all my machines and only hade video card issues with 2.

Those same patches in my network took 5 minutes. www.shavlik.com is free to 1 servers and 10 workstations and patches Windows and Office. The power of group policy my friend. If it took you 5 hours, you are stil sneakernetting.

Work smarter not harders dude.

re: The perfect gift for Christmas

bradley — Mon, 29 Nov 2004 09:23:00 GMT

last post - promise!
all my machines use nvidia cards (bar 1 laptop) and i have already experienced <a href="http://www.spyjournal.biz/techtips/2004/11/directx-9c-problems.html">issues </a>with the forced upgrade to directX 9c

re: The perfect gift for Christmas

bradley — Mon, 29 Nov 2004 09:20:00 GMT

oh and i dont use IE except when absolutely bloody necessary because some people cant write w3c compliant websites

re: The perfect gift for Christmas

bradley — Mon, 29 Nov 2004 09:19:00 GMT

Thanks susan for the advice
i have however got my 6 machines safely running on xp sp1 behind a linux firewall, have no need of group policies and use realvnc to remotely manage my machines.
i do a custom install of win xp (removing lookout express windows messenger and other security holes left open such as plug n pray messenger service (See grc.com)
i then use the freed cd microsoft sent me to update the pateches as much as possible before turning auto update from the net. (then install nortons and spybot and adaware)
total build time is about 4 hours including partitioning and formatting hard drives.
i have deliberately run the dont deploy sp2 patch
i will probably get around to trying it out on a non critical machine in the xmas break and if it goes painlessly then will attempt the rest.
in contrawst to the pain installing xp is linux installs in 30 mintues and is remotely configured ina nother 30 minutes. It is stable, inherently more secure and free! I pay a professional a nominal fee for his time to mainain it remotely and deploy upgrades as necessary.
i cannot afford the cost of shifting to a windows based client server model and the effort to keep a server running windows software (targeted by hackers) u tpo date constantly.
for example the 22 odd critical patches released in sept / oct by ms including patches to office xp and other apps took me a combined 4-5 hours to downloand and deploy just on my workstations. this is just non recoverable time to a small business (but must be done all the same)

Not wanting to gripe and don't want this to appear to be a whingefest, but my experience with ms os is that they are inherently buggy and insecure, and do not work conssitently across differnt hardware. hence the reluctance to upgrade to sp2 when even the main MS website recognises it is a difficult thing to install and there will be problems.