[dba-SQLServer] Windows Secrets: The Sorry Tale of the (un)Secure Sockets Layer

Alan Lawhon lawhonac at hiwaay.net
Sat Sep 17 10:39:08 CDT 2011


 
http://windowssecrets.com/top-story/the-sorry-tale-of-the-unsecure-sockets-l
ayer/

   http://tinyurl.com/3z9awxj

 

This is a follow-up article to the story concerning corrupted root
certificates which I posted last week.  Microsoft issued an out-of-cycle
security patch to eliminate the source of the phony certificates, (i.e.
DigiNotar), and remove the threat to users of Internet Explorer and other
browsers.

Since > than 99 percent of the potential "victims" of this security breach
were located over in Iran, Woody Leonhard seems to be implying that this may
be a case of the Government of Iran eavesdropping on its citizens; thus
there is little (if any) chance of this breach adversely affecting users
outside of Iran - like us.  Still, his analysis of the "lax process" by
which root certificates are issued is illuminating.

At the end of his article, Woody recommends that users consider modifying
their "Hosts" file (to read only) in order to "lock" their system and
prevent man-in-the-middle attacks and other security-related
vulnerabilities.  Before I modify a system file, I want to check with the
experts on here.  Are most of you in agreement that changing your "Hosts"
file (to read only) is a good idea?  (I wonder why Microsoft doesn't make
the "Hosts" file read only by default?)

Alan C. Lawhon

 

 




More information about the dba-SQLServer mailing list