The more you communicate to your superiors before the meetings, the less time spent in meetings, too.

One way to achieve this is to make sure every time you commit code that you check it in against a ticket. If there isn't a ticket to check it in against, create one, and then check it in against the newly created ticket. This gives you transparency and accountability. Both of which managers love. This can all be achieved with various ticketing systems, but the one I find that is integrated with a versioning system quite well is Trac. It integrates well with subversion, git, and mercurial.

Just keep in mind that not all communication is necessarily verbal.

>No IIS servers I installed got hit by code red >because - gasp - the default install was not >done. If the exploitable software isn't >installed, guess what happens? Your server >doesn't get compromised! What a revelation.

On IIS 4.0 (NT Option Pack 4), I believe this was probably true. However, on IIS 5 (Win2K Server), indexing service gets installed by default.

However, Microsoft also makes the indexing service sound necessary when you read the description for it on the install. A lot of people would install it, regardless of whether they need it or not. Most of the Microsoft server farms I've seen are using it, around town.

I think that in order to become an MCSE, people should be forced to take a short course in security. Security is by and large part of the course content in learning UNIX, but for some reason it doesn't seem to be stressed for Windows administration.

Windows administration culture also needs to change; not just the installation semantics.