I have to disagree with you with regard to Tim Mullen's integrity. I have followed his posts for months, and I haven't read a single article from him that would cause me to doubt his good faith. Yes, he is pro-Microsoft as I am pro-Open Source but his voice is of the few genuinely honest pro-Microsoft voices around and I rely on his judgment to keep up with what Microsoft is doing - I did refer to these two Aberdeen loudmouths as Microsoft whores and if they are insulted, that is because the truth is insulting. Tim Mullen is nowhere near the standard set by these two among many others.

The fact is that Windows 2K is a significant improvement over NT: (1) support for Plug and Play, mitigation of the need to reboot the servers every time a new device is added or removed for one thing; (2) adding UNIX features such as replacing NTLM with Kerberos, wholesale import or stealing of BSD code, removal of this trusted/trusting domain garbage in favor of a hierarchic model, removal of the NETBIOS crap under certain circumstances, adoption of LDAP. I have even been told that XP supposedly supports several versions of DLLs simultaneously, just as Linux supports several libraries simultaneously - This should make patching XP machines a lot less risky. Microsoft certainly knows how to rip off good ideas, even as it badmouths the competition.

I'd say at this point that I would definitely think twice about running any Microsoft machines anywhere but behind a firewall, and I believe that anyone who puts Microsoft client machines directly on the Internet should be castrated. However, as long as they are behind a firewall and the clients are using NATed, nonroutable addresses, things should be OK and most security issues directly attributable to Microsoft should be manageable - and should be managed.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/127/17346#17346