On 03/08/11 10:59 AM, David Brian Chait wrote: > > That may be, but the advice is still valid, windows is infinitely more vulnerable than *NIX on a direct/open connection. Most corps filter traffic to windows boxes through intermediaries to limit risk. Corps firewall their unix servers too. All our public internet servers are in a secure DMZ isolated from both our WAN and the Internet. How is that any different? Millions of users carry Windows laptops and use them at public access points daily. Windows since XP SP2 has had a perfectly decent firewall built in and enabled by default. Anyone sane is running an antivirus suite. Modern web browsers like Google Chrome automatically catch and block a lot of web hackery. Unix, improperly configured, is just as vunerable. Witness the number of users around here who are running 5.2 or whatever without having ever installed patches 'because its against XYZ support policy' or something equally lame. The endless list of CERT advisories against popular daemons.