Les wrote:
On Thu, 2007-04-19 at 10:05 +0100, Scott van Looy wrote:
Today Tim did spake thusly:
On Thu, 2007-04-19 at 01:09 -0500, Les Mikesell wrote:
The problem is that so much of the system is opaque with undocumented
'features' that are just waiting to be exploited. It's not that the
users are clueless, it is that there is no way for them to have a
clue.
Hear, hear...
How many people know the minimal set of ports needed to be open for
Active Directory and Exchange server to work and what is supposed to
happen on each, for example?
I pasted that into google and got:
http://support.microsoft.com/kb/270836
as my second link
Or how in hell to get MSN messenger to work through your firewall, or
any other number of things that you need to get to work with your
system, but come with no more information than an instruction to see
your system adminstrator (who has no information about it, anyway).
http://support.microsoft.com/kb/q240063/
Most windows sysads know both, or are at least as capable as myself of
googling it... :)
--
Scott van Looy - email:me@xxxxxxxxxxxxxx | web:www.ethosuk.org.uk
site:www.freakcity.net - the in place for outcasts since 2003
PGP Fingerprint: 7180 5543 C6C4 747B 7E74 802C 7CF9 E526 44D9 D4A7
-------------------------------------------
|/// /// /// /// WIDE LOAD /// /// /// ///|
-------------------------------------------
knot in cables caused data stream to become twisted and kinked
The first didn't answer Active Directory, and the second didn't answer
for the current revision of I.E.
Not so simple is it?
And if you look at that first link you'll notice that it didn't exist
until a few months ago and it consolidates stuff that was previously
spread over 16 articles. It still doesn't tell you what a firewall
administrator would want to know in terms of direction of connectivity
or how domain controler or AD authentication fits into the picture. Who
is it that thinks opening ports 1024 through 65535 as it suggests is a
good idea?
--
Les Mikesell
lesmikesell@xxxxxxxxx