Response

Bryan, over at BlendMart, had this to say in response to one of our discussions about patching and firewalls and whatnot:

“On a side note… to the folks commenting at Life of a one-man IT department, just because all your ports are closed and you don’t have Internet facing servers on your network is no excuse to delay patching your machines. All it takes is one laptop user, one home dialup user, one VPN user to infect and disable your entire network.”

He left a similar comment on the post below, and I responded back, but I wanted to elaborate further. You see, of course, Bryan is right. You should install this patch in addition to having a correctly configured firewall. As I said, it’s never a bad idea. Of course, as a one-man shop I can tell you that there are simply times where you miss a patch, because you’re out of the office, or you just have too many other priorities to get to before you patch. This is why having a firewall and having all of your unnecessary ports closed is vital to any home or workplace user.

Now, in as small an office as ours, I can personally monitor and lock down everything on our network. We don’t have any internet servers, we don’t allow dialup or VPN and our laptops are in a locked configuration to only access the internet through our network. The second any of that changes, so does the risk, and therefore so does the way I handle patches. Every network is different and you may not handle things the same way that I do. That’s as it should be. If your network got Blasted because you didn’t patch and someone snuck in an infected laptop, or used VPN from an infected machine, shame on ya’, but there may be circumstances that caused it to happen. (Although you still had a month, they’d have to be some pretty outrageous circumstances!) On the other hand, if you got infected without Blaster even having to find a secondary way in, because you didn’t patch OR run a proper firewall, double shame on ya’!

Ultimately, that was my point. Running a firewall and blocking ports doesn’t guarantee a secure network; there are a ton of steps beyond that, but if you’re not even doing that while you’re connected to the internet, you’re just asking for trouble.
