[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Steven Côté wrote: > > Was the network connected between steps "Install form CD" and "Windows > update ad nauseam"? I seem to recall being told that that any fresh > Win2K box connected to the internet will be compromised within moments > of coming online. It's not actually possible to download the security > updates fast enough to get them installed before an attack succeeds. I'm > not sure this is actually true, but it seems to be in your case. Certainly for XP before the service pack that enables the firewall by default compromise times were down to minutes, so it is very likely it would be owned before re-installation had finished. But this only ever applied to boxes on a public IP address, if you had a router doing NAT it doesn't apply since incoming connections are prevented. > The trick I recall is to install with the network unplugged and to have > all the service packs handy on another disk. Install those service packs > and only then connect the network to grab the rest of the updates. Just have NAT router or external firewall.
Regards Kevin Lucas Minions Post Master(Sub) Po House, Minions, Liskeard Cornwall PL14 5LE 01579363386 |
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html