Secure by Default

Threat level definition

Secure by Default
Tim Mullen, 2003-04-27

With Windows Server 2003, Microsoft has finally produced an operating system that isn't begging to be hacked on the first boot.

Expand all | Post comment

Secure by Default - oh boy, here we go again. 2003-04-28
Anonymous

Secure by Default - READ BEFORE YOU POST. 2003-04-28
Anonymous (2 replies)

Secure by Default - READ BEFORE YOU POST. 2003-04-28
Anonymous (1 replies)

Secure by Default - READ BEFORE YOU POST. 2003-04-29
Anonymous (2 replies)

Yawn. Another "I'm more geeky than you" pissing contest. (N/T) 2003-04-30
Anonymous

Secure by Default - READ BEFORE YOU POST. 2003-04-30
Anonymous (2 replies)

Secure by Default - READ BEFORE YOU POST. 2003-05-01
Anonymous (3 replies)

Secure by Default - READ BEFORE YOU POST. 2003-05-02
Anonymous

Secure by Default - READ BEFORE YOU POST. 2003-05-02
Penguinisto (1 replies)

Secure by Default - Learn something (before you reply again). 2003-05-06
Anonymous (1 replies)

Oh puh-leeze - you have to resort to sematics games? 2003-05-08
Penguinisto

Secure by Default - READ BEFORE YOU POST. 2003-05-03
Anonymous

Secure by Default - READ BEFORE YOU POST. 2003-05-06
Anonymous

Secure by Default - READ BEFORE YOU POST. 2003-04-30
Anonymous

Secure by Default, Insecure by Birth 2003-04-28
Drek Software Inc. (2 replies)

Secure by Default, Insecure by Birth 2003-04-28
Anonymous

Secure by Default, Insecure by Birth 2003-05-03
Anonymous (2 replies)

Secure by Default, Insecure by Birth 2003-05-05
Anonymous

Secure by Default, Insecure by Birth 2003-05-06
Anonymous

Secure by Default 2003-04-28
alexbal

Secure by Default 2003-04-28
Anonymous

Secure by Default 2003-04-28
xenophi1e <oliver.lavery@sympatico.ca> (1 replies)

It's partly real, but partly a PR thing 2003-04-30
Anonymous

It does help, but it's partly a PR thing. Look at OpenBSD. They claim "no security holes in the default install since (insert date here)." But no one runs a default install of OpenBSD, because a default install is useless. What matters is how secure the OS is once it's had useful services turned on. This will let Microsoft push some of the responsibility back onto the user: "Well, the OS shipped secure, but then you went and turned on the web server. It's your fault."

Still, this is a big step forward and I applaud Microsoft for it, just like I applauded RedHat when they started shipping with a firewall and most services turned off a couple years ago. I don't expect Windows 2003 to be free of security holes, but I expect it to be a lot better than any version to date.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/157/19671#19671

Well, I'll give you this much, Timster... 2003-04-28
Penguinisto (4 replies)

Well, I'll give you this much, Timster... 2003-04-28
Anonymous (6 replies)

Well, I'll give you this much, Timster... 2003-04-29
Anonymous (2 replies)

Well, I'll give you this much, Timster... 2003-04-29
Penguinisto (1 replies)

Well, I'll give you this much, Timster... 2003-05-03
Anonymous (1 replies)

Well, I'll give you this much, Timster... 2003-05-05
Penguinisto

Well, I'll give you this much, Timster... 2003-04-29
Anonymous

Well, I'll give you this much, Timster... 2003-04-29
Anonymous

Well, I'll give you this much, Timster... 2003-04-29
xenophi1e <oliver.lavery@sympatico.ca>

Well, I'll give you this much, Timster... 2003-04-29
Anonymous

Well, I'll give you this much, Timster... 2003-04-29
Penguinisto

Well, I'll give you this much, Timster... 2003-04-29
Anonymous

Well, I'll give you this much, Timster... 2003-04-29
Anonymous (2 replies)

Zealotry comes in all forms. 2003-04-29
matt@beatlab.org (2 replies)

Zealotry comes in all forms. 2003-04-29
blacklight (1 replies)

Zealotry comes in all forms. 2003-05-02
Penguinisto

Zealotry comes in all forms. 2003-05-06
Noran Rad

Well, I'll give you this much, Timster... 2003-04-29
Anonymous

Well, I'll give you this much, Timster... 2003-04-30
Anonymous (1 replies)

Well, I'll give you this much, Timster... 2003-05-02
Penguinisto

Well, I'll give you this much, Timster... 2003-05-03
Anonymous

Secure by Default 2003-04-29
blacklight

Secure by Default (Pathetic) 2003-04-29
Anonymous (3 replies)

Secure by Default (Pathetic) 2003-04-30
Th. Klein

Opinionated by Default (Pathetic) 2003-04-30
Bruce

Secure by Default (Pathetic) 2003-05-02
blacklight (2 replies)

Secure by Default (Pathetic) 2003-05-02
Anonymous

Secure by Default (Pathetic) 2003-05-03
Anonymous

Secure by Default 2003-04-29
Anonymous (1 replies)

Secure by Default 2003-04-29
Doug Sibley (3 replies)

Secure by Default 2003-04-29
Anonymous

Secure by Default 2003-04-30
Anonymous

Secure by Default 2003-05-03
Anonymous

Secure by Default 2003-04-29
Anonymous (1 replies)

Secure by Default 2003-05-01
Anonymous

Hrm 2003-04-30
DC0 (1 replies)

Hrm 2003-05-02
Ryan Lambert

Secure by Default 2003-05-02
Ryan Lambert

Where can I find the companion texts you cited? 2003-05-02
Jim Barrett (1 replies)

Where can I find the companion texts you cited? 2003-05-06
Anonymous

Partial list of on default default services in ws2003 2003-05-05
Anonymous (1 replies)

Partial list of on default default services in ws2003 2003-05-06
Anonymous

Privacy Statement
Copyright 2009, SecurityFocus