"MCSE means Must Call Someone Else. I remember a book, yellow and black : MCSE for dummy!"

Are you joking? There are 250 page books on the preparation for taking a Win2K MCSE. If there is an "MCSE for dummies" book then it would be pretty useless, but somehow I think you were just being a smartass (or maybe you bought it and found it too confusing for you?).

"It's exactly that : MCSE is for dummy and I know many company that refuse to work with MCSE because they had too much bad experience with them."

You know, I think the reason that half of you people dump on certifications is because you are just lazy twits and scared you would fail. Not to mention cheap. Certification cannot hurt anything, there is nothing wrong with expanding your knowledge - it doesn't surprise me that the *nix community doesn't agree with certifications, it just proves my point that most, if not all *nixers are lazy, broke and don't like working for a living and EARNING their titles like everyone else. Boy, I'm happy that my doctor doesn't agree with your way of thinking - "Hey Doc, what cert.'s do you have?", "Oh, none - I don't believe in Certification - I like to do things my way".

"And also, remember that only Windows needs to work before being secure. Windows needs its own security holes for working."

Eh?

"Just do your network with Unix, the operating system that creates and still operates Internet. You will have no problem of getting and keeping it operational, as you will have no problem to secure it."

Yeah, right... I bet the board members at my company would really go for "Hey, let's install UNIX!". They would take one look at it and laugh their heads off. They would probably say, "Hey, while we're at it, let's bring back the IBM green-screen Mainframe's!". I agree, UNIX machines are necessary to run the Internet - the tasks they perform are simple, and that requires a simple OS. You don't use a space shuttle to fly from NY to TX, you use a passenger plane. The shuttle is far too complicated and wouldn't suite the job. UNIX and Linux are good for simplicity, like forwarding packets and handling DNS requests. The real work comes in managing global companies and government operations.

"Try to disable null session on a domain controler"

have you ever heard of the "restrictanonymous=" registry value? IPSec filters?

"try to block remote command execution over NetBios on a file server"

err... remote command execution? I don't know about you, but my file permissions are set properly, and my netbios ports are not accessible due to 1) network places ipfilters and 2) ipsec and 3) strong passwords and 4) proper file and domain permissions. wtf? you think you can just telnet to port 13* and start running shell commands?

"try to manage your server remotely without opening an access as large as a remote desktop"

uhhhmmm... how is MS terminal services for web? uses port 80! what a hole! how about all of the third party apps like remotelyanywhere? port 80! omg! PCAnywhere, Remotelypossible, all one port (usually through a VPN!).

"You can not : Windows is not designed for being managed remotely (and it's a major requirement for servers all over the world) as it is designed for exploiting itself its own security holes."

Windows IS designed for being managed remotely and extremely scalable (do you even know what Active Directory and Terminal Services is?). You obviously have never even used Windows (or at least, nothing beyond Win98) before. Your arguments are ridiculous, my entire IT team (who implement all the things you claim do not exist) would laugh their heads off it they read this. You should try to get your facts straight before making yourself look stupid to those who actually know a thing or two about managing a Windows environment.

"Just try to follows security recommendation from Microsoft. They said it : Do not trust us! One of their security bulletin ask to remove them from the trusted key list. But if you do that, many parts of Windows will not work any more. You can not. By using Windows, you have no choice than to be insecure or not operational, and Microsoft themselve said it."

Yeah, its all over the front page of microsoft.com - get real.




[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/166/20385#20385