CertCities.com -- The Ultimate Site for Certified IT Professionals
"
  Microsoft®
  Cisco®
  Security
  Oracle®
  A+/Network+"
  Linux/Unix
  More Certs
  e-Book Shop
  Practice Exams
  Salary Surveys
  Forums
  News
  Exam Reviews
  Tips
  Columns
  Features
  PopQuiz
  RSS Feeds
  Industry Releases
  Job Search
  Contributors
  About Us
  Search
 

Advanced Search
  Free Newsletter
  Sign-up for the #1 Weekly IT
Certification News
and Advice.
Subscribe to CertCities.com Free Weekly E-mail Newsletter
CertCities.com

CertCities.com
Let us know what you
think! E-mail us at:



-- advertisement --
Traveling to a
Tradeshow or Event?
Norway Hotels
Thailand Hotels
Kauai Hotels
Sweden Hotels
Lithuania Hotels
Oakland Hotels
Martinique Hotels
Netherlands Antilles Hotels
Milwaukee Hotels
Algeria Hotels

 
 
...Home ... Editorial ... News ..News Story Sunday: December 26, 2004



The New TechMentor Register Early and Save!
  • 6 New Tracks
  • Focused Training
  • Year-End Savings
Register by
Dec. 31st
and save $300 off
the new TechMentor!

* REGISTERED USERS ONLY

SANS Blames MCSE Training for Spread of Code Red


8/15/2001 -- The SANS institute is blaming the lack of security-focused training within the MCSE program for the spread of Web viruses like Code Red.

According to ComputerWorld, last week the SANS institute sent out the following statement in an e-mail to its members: "One of the saddest dimensions of information security is that hundreds of thousands of people earned MCSE certifications without being required to demonstrate any competence in security."

"It is a situation where MCSEs had no idea that there is a fundamental vulnerability in IIS and ISAPI mapping and so had no way to protect their systems other than after-the-fact patching," Alan Paller, director of the SANS institute, told ComputerWorld for a story printed yesterday.

Microsoft says that, on the contrary, lack of training and information is what's allowing the virus to spread. "Code Red [is] a security vulnerability in IIS," said Dean Murray, Microsoft's director of courseware development. "Students in Course 2295 [Implementing and Supporting Microsoft Internet Information Services 5.0] go through the process of installing patches."

To suggest that MCSEs are lacking in security training goes against the number one priority of Microsoft's goals for its training and certification program, said Kris Vezina, group manager of content development for Microsoft's exams: "The fundamental basis for adding security to the MCSE track is a job task analysis we did in 1999...Security was the most important task [listed by MCSEs]."

To keep up with security vulnerabilities in Microsoft's products, Microsoft issues its Security Bulletin via e-mail. To subscribe to the security bulletin and get information Code Red patches currently available, go to http://www.microsoft.com/security/. -M.D. and B.N.

 

There are 52 CertCities.com user Comments for “SANS Blames MCSE Training for Spread of Code Red”
Page 2 of 6
8/16/01: John says: This is a very shortsighted and ignorant approach on the part of SANS. The spread of the Code Red Virus is a direct result of a lack of effective Security Management, this is not the sole responsibility of a systems engineer. In most corporations there are 2 or more groups that have responsibility for Systems level Security. Unfortunately, despite detailed security methodologies that are publicly available from Microsoft and other sources. Far too many IT organizations, rely on a single layer of security, such as a firewall or proxy server. It is also a sad reality that security pathces are not applied in an urgent manner. Many companies take two weeks or more to schedule production system changes. A layered approach to security along with proactive and active intrusion detection is the only way to stop this type of IT crisis.
8/16/01: Jester says: The above comments contain some well thought out points. However, the grammar contained in them is also appalling! Is English not the first language of most of these people? Maybe they should try blaming their poor English skills on their job woes rather that racism or other less important factors.
8/16/01: to says: I don't think anybody blamed their job woes for their poor english skills.
8/16/01: Anonymous says: i believe he meant that they should blame their poor English skills.
8/16/01: Interested says: to: Anonymous I believe you meant to use a capital I.
8/16/01: Christine says: I am an MCSE who subscribes to a bevy of security bulletins, all of which I read religiously. Possibly, security should be further emphasized in the MSCE track; however, MCSE or no, any self-respecting System Admin or Network Administrator should CONSTANTLY be vigilant about security threats and apply patches immediately. Just because I have my MCSE does not make me any more diligent or less diligent in watching over the security of my network. The true fault lies with those individuals that do not take security threats seriously. I heeded the Code Red warnings, applied all the necessary security packs and patches and my network was untouched.
8/16/01: Swamp says: I did not see any reference in the SANS email, or the ComputerWorld article that any of the sites where a Code Red infection occured had been surveyed to determine if they actually employed any MCSEs. My experience has been, that every NT 4 Server where I have had to go behind a shade tree type(Bubba's Networking Service)to reconfigure or tune the server and found that it had IIS installed on it. That includes Domain controllers as well as stand alone servers, and none were functioning as web servers. I have also run into the don't fix it if it is "functioning" attitude many times. There is also the issue of the number of infected machines by @home users. I guess all these infected @home machines are owned by MCSEs. The true issue is the overall lack of interest in security, and protecion from virii and worms by most companies and management. SANS should not be making baseless arguments without facts to back them up.
8/16/01: Phil says: Microsoft? Secure? Phhhhhht. http://linuxtoday.com/stories/10912_flat.html
8/16/01: Rob says: MCSE attack? Good grief, a monkey can install a patch and a caveman can undo the registry entries. What does that have to do with MCSE? Someone has a grudge and gets it printed. The fool is the person printing the story.
8/16/01: RFSea says: What whoever that is fails to realize IS, not all INetinfo.exe's running out there have been installed/configured by MCSE's, All he had to do waS look at the numbers wrt currently installed IISx Web Servers and look at the numbers of certified folks and a greater man could tell you that the ratio/proportion is all wrong... But that guy is a writer, so I rest my case
First Page   Previous Page     Next Page   Last Page
Want to post a comment under this article? Please register. It's free, it's easy, and you'll only need to register once to access all of CertCities.com's exam reviews, tips articles, the ability to post under articles, and more. Click on the button below to start your registration,or read our FAQ if you'd like more information.
Already registered? Log in here:
User Name:
Password:
Remember me on this computer
" Forgot User Name/Password
top

Sponsored Links:
MeasureUp 10 Day Practice Test: - Only $20!
Save $300 Thru December 31: TechMentor Orlando, April 4-8, 2005
Controlling Quality in Software Packages: FREE Webinar and White Paper
Keep Current on Microsoft News: Subscribe to Redmond Report Newsletter
IT certification news delivered weekly: Subscribe Today!



Home | Microsoft® | Cisco® | Oracle® | A+/Network+" | Linux/Unix | MOS | Security | List of Certs
Advertise | Contact Us | Contributors | Features | Forums | News | Pop Quiz | Tips | Job Search | Industry Releases | RSS Feeds RSS Feeds from CertCities.com
Search | Site Map | ENTmag.com | MCPmag.com | TCPmag.com | TechMentor Conferences | 101communications | Privacy Policy
This Web site is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc., Microsoft Corp., Oracle Corp., The Computing Technology Industry Association, Linus Torvolds, or any other certification or technology vendor. Cisco® and Cisco Systems® are registered trademarks of Cisco Systems, Inc. Microsoft, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corp. Oracle® is a registered trademark of Oracle Corp. A+®, i-Net+T, Network+T, and Server+T are trademarks and registered trademarks of The Computing Technology Industry Association. (CompTIA). LinuxT is a registered trademark of Linus Torvalds. All other trademarks belong to their respective owners.
Reprints allowed with written permission from the publisher. For more information, e-mail
Application Development Trends | Campus Technology | CertCities.com | The Data Warehousing Institute | E-Gov | ENT News
Enterprise Systems | Federal Computer Week | IT Compliance Institute | JavaSPEKTRUM | MCP TechMentor Conferences
MCPmag.com | OBJEKTspektrum | Recharger | Redmond magazine | SIGS-DATACOM | TCPmag.com
Copyright 1996-2004 101communications. See our Privacy Policy.
101communications