Stuart McLachlan
stuart at lexacorp.com.pg
Sat Sep 17 16:18:12 CDT 2011
As a general rule, an RO hosts file makes sense. Very few people ever need special entries in it. OTOH, I have a shortcut to mine in a folder on my desktop because I edit it quite often, -- Stuart On 17 Sep 2011 at 10:39, Alan Lawhon wrote: > > http://windowssecrets.com/top-story/the-sorry-tale-of-the-unsecure-soc > kets-l ayer/ > > http://tinyurl.com/3z9awxj > > > > This is a follow-up article to the story concerning corrupted root > certificates which I posted last week. Microsoft issued an > out-of-cycle security patch to eliminate the source of the phony > certificates, (i.e. DigiNotar), and remove the threat to users of > Internet Explorer and other browsers. > > Since > than 99 percent of the potential "victims" of this security > breach were located over in Iran, Woody Leonhard seems to be implying > that this may be a case of the Government of Iran eavesdropping on its > citizens; thus there is little (if any) chance of this breach > adversely affecting users outside of Iran - like us. Still, his > analysis of the "lax process" by which root certificates are issued is > illuminating. > > At the end of his article, Woody recommends that users consider > modifying their "Hosts" file (to read only) in order to "lock" their > system and prevent man-in-the-middle attacks and other > security-related vulnerabilities. Before I modify a system file, I > want to check with the experts on here. Are most of you in agreement > that changing your "Hosts" file (to read only) is a good idea? (I > wonder why Microsoft doesn't make the "Hosts" file read only by > default?) > > Alan C. Lawhon > > > > > > _______________________________________________ > dba-SQLServer mailing list > dba-SQLServer at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-sqlserver > http://www.databaseadvisors.com > >