I thought this list was exclusively for Gnatbox related issues? Alastair Newman Network Analyst
-----Original Message----- From: Cox, Danny H. [mailto:[EMAIL PROTECTED]] Sent: 16 August 2002 17:28 To: Ted Bardusch Cc: [EMAIL PROTECTED] Subject: RE: AW: [gb-users] win2K security problems, the facts! What everyone is forgetting: 1. Microsoft Windows "out of the box" installs tend to be wide open. 2. Services like ftp, telnet, www, Indexing, remote access, remote registry, routing & remote access, RPC, Windows Mgmt, Installer and Scheduler all have known hacks and all (mostly) are open to access/exploits "out of the box". 3. There is also a little known issue with the IP stack in NT that requires a "hot fix". It implements a new randomizer. 4. Even Linux systems are prey to attack After having a customer demand I open a couple of ports (against my stern warnings) to a Linux web server (20,21,23,25), their server was hacked in less than 29 hours. The net result - They learned a big lesson (trust the people you hire to do the job right - don't interfere). In the end it cost about 30 man hours to undo the damage caused. Anyone that ignores the risks and walks headstrong into a lions den deserves to get eaten. Systems are faster and perform tasks without judgment. They are only as smart as those using them. I would never put a system in front of a firewall - REGARDLESS. There are far too many tools available to get the job done right. Oh, By The Way (BTW) Yes, you can nail down a Windows system - It's almost unusable, but you can. The same is true for almost every O.S. out there. Danny H. Cox -----Original Message----- From: Ted Bardusch [mailto:[EMAIL PROTECTED]] Sent: Friday, August 16, 2002 8:47 AM To: Marc Suxdorf Cc: Mike Burden; [EMAIL PROTECTED] Subject: Re: AW: [gb-users] win2K security problems, the facts! One thing to be aware of in setting up your hypothetical outside the firewall, up to date patched box of whatever OS -- until it's fully patched, which in some cases takes multiple reboots, it is fully exposed and vulnerable while it's downloading the updates and patches. In that time frame, a scanning attack might well succeed. I saw an article a couple of years ago that an unpatched Red Hat install was rooted in under 30 minutes on average. Windows would not likely be too different. Personally I suggest using the GB Light with default filters, that does a great job in the vast majority of cases. Ted Bardusch [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected] ___________________________________________________________________ Scott Brownrigg + Turner 77 St Martin's Lane London WC2N 4RD Tel : +44 (0) 20 7240 7766 Fax : +44 (0) 20 7240 2454 http://www.sbt.co.uk ___________________________________________________________________ This Email transmission is privileged, confidential and intended solely for the person or organisation to which it is addressed. If you are not the intended recipient you must not copy, distribute or disseminate the information, or take any action in reliance of it. If you have received this message in error, please notify Scott Brownrigg + Turner immediately at [EMAIL PROTECTED] We strongly recommend that you implement virus scanning of all attachments as Scott Brownrigg + Turner will not accept responsibility for any damage caused as a result of virus infection. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
