2003-04-07
A new poll finds that seventy-seven percent of security professionals believe Microsoft products are insecure. But a closer look at the survey tells a far more interesting story.
The Reality of Perception
2003-04-07
Anonymous (6 replies)
The Reality of Perception
2003-04-07
AnonymousPeon (2 replies)
The Reality of Perception - heh
2003-04-07
Anonymous (1 replies)
The Reality of Perception -
2003-04-08
AnonymousPeon (1 replies)
The Reality of Perception -
2003-04-09
Anonymous (1 replies)
The Reality of Perception -
2003-04-09
AnonymousPeon (1 replies)
The Reality of Perception
2003-04-07
Bill Hey <bill.hey@nospam.dsia.com> (1 replies)
The Reality of dumb people - "I see dumb people".
2003-04-09
Anonymous (8 replies)
The Reality of dumb people - "I see dumb people".
2003-04-09
Anonybori (1 replies)

I would have to disagree with the above comment that stated that MS software cannot protect itself against holes with anything other than a patch.
There are various security tools (shipped with Windows, in the ResKit, or by 3rd parties) that allow you to harden MS OSes and software.
Yet these tools are less popular than equivalent Unix tools (setuid, chroot, ACLs, tripwire, sudo, openssh, etc.). Even the Event Viewer in Windows is often not used as well as its Unix equivalent syslog.
To me, a part of the problem is historical Windows culture: the apparent similarity of "Windows 2000 Server" and "Win 95 Home Edition with 3 months of free MSN access" makes some believe that operating a critical server running on MS is easy.
Connecting from the system console with the administrative account is done exceptionally in Unix, but it remains common in Windows, even for things that could be done remotely. The "su" command is much more used than the Windows equivalent "runas". TCP Wrappers is often installed by Unix admins to create ACLs on their boxes. Similar tools exist in NT and 2000, but are not often used (a how-to for W2K was even published on this site a few months ago).
But then there are far more MCSEs than Unix-certified professionals, aren't there?
Link to this comment: http://www.securityfocus.com/comments/columns/152/19217#19217