On Sun, May 04, 2008 at 01:13:17AM +0200, Christian Koerner wrote: > When it comes to Windows hardening and in specific restricting > Windows' services, the only suggestions that I've found so far are: > *) disable unnecessary services > *) restrict network access through packet filtering > > What else can be done and isn't it possible to bind Windows' services > to a specific address/interface, e.g. LAN.
AFAIK, there is no general mechanism to bind services to specific interfaces or addresses - I know the Services API doesn't have any such thing. Instead, the application itself must choose to provide a mechanism for this (which is normally exposed in a GUI or registry entry). Most don't. Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561 www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | [EMAIL PROTECTED]
