"2) IPSec encrypts packets (mostly for VPN nets*), and does not "secure services" (else that nasty ol' Messenger Service spam would've been dealt with a long time ago by simply using IPSec instead of registry hacks, eh?) I'm also curious about this new and mysterious "protocol layer" you mention as well."

LMFAO, uhm yes IPSec DOES secure services, this shows how clueless you are. IPSec is not just for encryption, it is also port management (somewhat like iptables). I'm not going to waste too much time on this but to make it simple for you, you can block requests to specified ports, ips, etc. Take some time one day and create your own IPSec security rule - you'll see the traffic management options there for you.

"It would be fun to see how basic Win2k/3 security involves securing Exchange when most folks use a real mail server instead... "

Like sendmail right? There are not that many vulnerabilities for Exchange... so I'm not sure where you are getting this from (perhaps, your mind?).

"I'll believe that IIS is finally somewhat secure when all the infected IIS box out there quit polluting my Apache logs with Nimda scans."

Sure, blame worms on the web server type - not incompetent admins like yourself who can't properly configure IIS (i.e. see remove scripts and keep patched for starters).


As for everything else you mentioned, I'm not going to bother responding to it because I don't feel you are capable of understanding... I thought you were somewhat intelligent but apparently I was mistaken. But, what do you expect from a *nix admin, I guess.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/157/19798#19798