RE: is the latest ISA2000 security update a dud?
- From: "Darryl Janetzki" <darrylj@xxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 27 Jun 2005 21:05:55 +1000
I checked my configuration. I was using integrated Authentication. The
point I wanted to make is that we have to expect better performance from
Microsoft. When they publish a patch for a known problem we have to have
confidence that the desired result will be achieved and not have host of
new problems. When it is late a night and the system is damaged because
of a "bad" patch... I don't really care about how "right" and "proper"
Microsoft may be in their "new found security" policy... Delivering
reliable systems that work and having confidence with the product and
company is more important.
I think this security policy is a cover-up for breaking functionality
and inadequate testing. I think I may also review the use of WSUS in
future. Microsoft has to give a commitment to quality... as well as to
security.
My two bobs worth
Darryl Janetzki
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Monday, 27 June 2005 2:31 AM
Subject: RE: is the latest ISA2000 security update a dud?
1. WSUS isn't delivering any ISA patches (yet).
2. All hotfix patches get very focused testing (regression testing is
necessarily limited) - the major testing is reserved for service packs,
where regression testing can be performed.
3. The original patch behavior was changed to be "secure by default" in
that the new behavior is now the default behavior.
4. Comparatively few ISA folks actually use Basic auth for outbound
traffic, so this wasn't part of the patch testing.
You can't do it all in a finite amount of time.
What's really interesting is that the folks that reported the original
issue (and original regression) are not using Basic auth for outbound
connections. They approved the private build of the patch before it was
shipped as part of -034.
-----Original Message-----
From: Darryl Janetzki [mailto:darrylj@xxxxxxxxxxxxxxxx]
Sent: Sunday, June 26, 2005 12:21 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: is the latest ISA2000 security update a dud?
http://www.ISAserver.org
Thanks. Microsoft have to improve on the quality of its patches. With
WSUS doing all global patching it is imperative that they test and
deliver confidence that the patches work properly... The first time.
My 2 bobs worth
Darryl Janetzki
________________________________
From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx]
Sent: Saturday, 25 June 2005 6:23 PM
Subject: RE: is the latest ISA2000 security update a dud?
Hi Darryl,
check out http://www.isaserver.org/IsaNews/ISA2000_MS05-034.html.
It's a know problem but no solution yet.
HTH,
Stefaan
________________________________
From: Darryl Janetzki [mailto:darrylj@xxxxxxxxxxxxxxxx]
Sent: zaterdag 25 juni 2005 7:04
To: [ISAserver.org Discussion List]
Subject: [isalist] is the latest ISA2000 security update a dud?
http://www.ISAserver.org
The web proxy service failed ... I have since removed it
Darryl Janetzki
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stefaan.pouseele@xxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
