Re: Help me win the MS-Proxy/ipfw war

John Howie (JHowiemsn.com)
Mon, 27 Sep 1999 20:24:33 -0700

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Nate Williams: "Re: dump(8) Insecurity/Misconfiguration"
• Previous message: Richard Scranton: "Re: Help me win the MS-Proxy/ipfw war"
• In reply to: Scott I. Remick: "Help me win the MS-Proxy/ipfw war"
• Next in thread: Rodney W. Grimes: "Re: Help me win the MS-Proxy/ipfw war"

----- Original Message -----
From: Andre Gironda <andresun4c.net>
To: Scott I. Remick <scottcomputeralt.com>
Cc: <freebsd-securityfreebsd.org>
Sent: Monday, September 27, 1999 6:13 PM
Subject: Re: Help me win the MS-Proxy/ipfw war

> NT cannot be used in an Internet environment (or as a bastion host)
> because of the serious security implications. Netbios, IIS, and WINS
> are very insecure and instable applications/protocols

It is possible to tighten these holes up and to make your NT system secure
on the external (Internet) interface... But then you can't do remote
administration using the external network interface as you need access to
the NetBIOS ports (use a VPN to access the internal interface and you can).
You will spend most of your time making sure that your system is secure but
always have the nagging doubt that you missed something or a new hole has
been discovered.

All I can say is "God bless Microsoft", they keep me in a job securing
Windows NT installations, usually by using FreeBSD :-) as a firewall.

john...

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Nate Williams: "Re: dump(8) Insecurity/Misconfiguration"
• Previous message: Richard Scranton: "Re: Help me win the MS-Proxy/ipfw war"
• In reply to: Scott I. Remick: "Help me win the MS-Proxy/ipfw war"
• Next in thread: Rodney W. Grimes: "Re: Help me win the MS-Proxy/ipfw war"

This archive was generated by hypermail 2.0b3 on Mon Sep 27 1999 - 22:32:18 CDT