Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Windows Vista current flaws

from [Roger A. Grimes] Network Security [Permanent Link]
Subject: RE: Windows Vista current flaws
Date: Tue, 27 Sep 2005 12:33:08 -0400 
I'm not sure there is a "right" position on this...only conjecture and
opinion. Here's mine.

Vista has several new good security features, that make it a more secure
platform than XP, not the least of which is IE 7 and Least Privilege
User accounts. It, no doubt, has new security flaws. But few of them
will come out before its official release, and of those, none will be
widely exploited now because the OS isn't popular enough to allow
Vista-only malware to spread. So, overall,the risk is probably less than
XP...but it's all conjecture in the end.

Widely spreading malware is rarely cutting edge. Usually there has to be
a saturation of the marketplace with the vulnerable software, before the
risk really increases.

Roger

************************************************************************
***
*Roger A. Grimes, Banneret Computer Security, Consultant 
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, CHFI, TICSA
*email: roger@banneretcs.com
*cell: 757-615-3355
*Author of Honeypots for Windows (Apress)
*http://www.apress.com/book/bookDisplay.html?bID=281
************************************************************************
****

 

-----Original Message-----
From: Jon Lawhead [mailto:samurai@berkeley.edu] 
Sent: Tuesday, September 27, 2005 12:01 AM
To: security-basics@securityfocus.com
Subject: Windows Vista current flaws

Greetings all,

I work in Network Security for UC Berkeley's residence halls.  We have a
list of several "minimum security standards" that we require all
connected computers to meet before being allowed access to the network
(stuff like having a firewall program, antivirus, etc).  One of the
standards involves having the latest patched version of a secure
operating system.  I have a user on the network who wishes to run a
(legitimately acquired, or so he says) version of Windows Vista beta
version. 
 Before I decide on this, I wanted opinions on whether or not this is a
good idea.  My first instinct is to disallow any beta operating systems
simply on the grounds that they'll be buggy by definition and may
potentially have serious security flaws, but I can't find anything to
back this up.  Just wondering if I could get a few opinions on whether
or not this is a good idea.  Thanks!


Jon Lawhead
Network Security Coordinator
Residential Computing
University of California, Berkeley
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Software Firewalls, Mike Fetherston
Next by Date:  RE: Software Firewalls, Lance.Druger
Previous by Thread:  RE: Windows Vista current flaws, Joe_Wulf
Next by Thread:  RE: Windows Vista current flaws, Lance.Druger
Indexes:  [Date] [Thread] [Top] [All Lists]