Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: exploit to vulnerability

from [Bruce Martins] Network Security [Permanent Link]
Subject: Re: exploit to vulnerability
Date: Fri, 19 Aug 2005 13:03:14 -0400 
To be honest I use my own machine to test out the patches before applying them 
to machines, not the best way but cuts down on time I don't have to test also 
use of vmware sometimes
Bruce Martins
Systems Administrator
EXTEND>>MEDIA
190 Liberty Street
Toronto, Ontario
Canada
M6K 3L5
_______________________
e:bmartins@extend.com
t: (416) 535-4222 ext. 2307
f: (416) 535-1201
http://www.extend.com
--------------------------
Sent from my BlackBerry Wireless Handheld


-----Original Message-----
From: Murad Talukdar <talukdar_m@subway.com>
To: focus-ms@securityfocus.com <focus-ms@securityfocus.com>
Sent: Fri Aug 19 02:11:17 2005
Subject: exploit to vulnerability

With all the issues highlighting the speed that exploits are now being
written (eg http://www.securityfocus.com/news/11285 )
The window between exploit/vuln, appears on average, to be getting tighter.

We have an SME network and I used to have a week or so to test patches
before rolling them out. 
This all begs the question now, with limited resources, do I just patch and
not worry about testing? I definitely have fewer resources than some of the
companies that were hit (CNN et al) and less time to dedicate to patching. 

Should I just use auto updates/GP to patch everything regardless?
What do other SME admins do?

Kind Regards
Murad Talukdar




---------------------------------------------------------------------------
---------------------------------------------------------------------------




---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: exploit to vulnerability, Depp, Dennis M.
Next by Date:  RE: exploit to vulnerability, Richard Whitworth
Previous by Thread:  RE: exploit to vulnerability, Depp, Dennis M.
Next by Thread:  Re: exploit to vulnerability, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Indexes:  [Date] [Thread] [Top] [All Lists]