Some of who use Unix professionally and as security engineers are not High School kiddies - I began using Unix on a DEC PDP-11 in 1979. You may have valid points about the state of 2000/2003 Server security - on fact I agree with this assesment. Your immaturity and ignorance in presentation do a disservice, however; and they destroy the credibility of your argument.

I have an MCSE with both of the principal security exams. At no time was I ever tested for the actual USE of group policy tools, or XCACLS for that sake. The security distinctions between REGEDIT.EXE and REGEDT32.EXE were never presented, nor even the concept of applying ACLs to specific keys in the registry. Like many of it's advocates, MS Systems posess potential, and lack culture or maturity.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/152/19242#19242