Here in Windowsville

How much harm comes of the anti-Windows bias in the world of security?


The SANS Institute allowed me to attend a few days of its recent Orlando conference. I chose an excellent two-day track on honeypots, taught by Lance Spitzner, a security architect for Sun Microsystems, and Marcus Ranum, founder and CTO of NFR Security. These two live and breathe honeypots.

If you’re unfamiliar with the concept, a honeypot is simply “a security resource whose value lies in being probed, attacked or compromised.” It might be used for commercial purposes (to gain knowledge to protect against the newest attacks), or it might be used for research (to learn about the psyche of the black hats).

Joke: Based on that definition, who’s the largest manufacturer of honeypots today? Answer: Microsoft.

“Security Advisor” columnist Roberta Bragg has covered the topic in her columns. What she hasn’t talked about is the pervasive anti-Microsoft/pro-Unix bias that exists in the security community at large.

Joke: How do you set up a honeypot? Answer: Bring a Windows box online.

The jokes here were quite popular in my training session.

Alan Paller, the director of research at SANS, has proclaimed in the past that the Microsoft certification program was to blame in part for the spread of Code Red last year—for not requiring MCSEs to show competency in security. (I must add, SANS offered a free class at that time to show people how to patch their systems.)

It’s tough to pay attention to people who know their stuff yet hold you in derision. But that’s what I’m suggesting you do.

Stephen Northcutt, also a principal at SANS, has begun warning that we can expect a worm to surface that will take advantage of SNMP vulnerabilities. This is our chance to prove that Paller’s judgment was a bit hasty. That means applying patches or disabling SNMP on your Windows machines. It also means securing your Cisco equipment, HP JetDirect firmware, network management solutions, power monitors, security systems, and a hundred other devices and programs that you take for granted but can’t do without. The CERT advisory on this is at www.cert.org/advisories/CA-2002-03.html.

Then in July we’ll be hosting our own security training event, the MCP TechMentor Summit on Security. Attendees will have the chance to watch a Windows 2000 network (and its related components) become hardened, using only what Microsoft makes available in its software and resource kits and online. You’re all invited to try to hack into the system. Learn more about that at www.techmentorevents.com/seattle/.

Here in Windowsville, we’ve made for an easy target when it comes to security. So I invite Paller and Northcutt, experts whose knowledge has been annealed on that other platform, to join us in Seattle and watch the new breed of security experts in action.

Am I misguided in feeling like the skinny guy in the Charles Atlas ads who has to eat sand? Tell me at [email protected].

About the Author

Dian L. Schaffhauser is a freelance writer based in Northern California.
