OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Arnott James M Contr AEDC/TEK (James.Arnottarnold.af.mil)
Date: Fri Jan 11 2002 - 08:05:24 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I would also recommend that you might want to start scanning on a regular
    basis. I have seen to many folks lock up their systems and then forget about
    them. Becareful to not get a false sense of security from using software
    firewalls. Nothing is 100% effective when it comes to security.
    Wish you luck
    JA

    -----Original Message-----
    From: RH [mailto:RHbeulah.org]
    Sent: Thursday, January 10, 2002 4:36 PM
    To: 'H C'; 'focus-mssecurityfocus.com'; 'kcproff-art.dk'
    Subject: RE: Huge security breach in standard w2k install

    Exactly... scanning as an admin will reveal a lot more information of
    course. I would recommend the use of Zone Alarm or Tiny Firewall on your
    workstations; this will protect your workstation from internal and external
    connection attempts if used correctly. There is seldom a need for other
    users to connect to file shares on your workstation system, and these
    products would allow connection on a case by case basis.
    Firewalling also blocks scanner software too... ;-)

    -----Original Message-----
    From: H C [mailto:keydet89yahoo.com]
    Sent: Thursday, January 10, 2002 4:39 PM
    To: Kenneth Christensen; focus-mssecurityfocus.com
    Subject: Re: Huge security breach in standard w2k install

    Here we go again...

    > having installed the network scanner recommend in
    > the mails on this thread,

    Since you started this thread, I'm curious...which
    scanner did you install?

    > I discovered something horrific .. my own
    > workstations at the office
    > apperently expose both shares AND users/groups on
    > the machines ( W2K Pro )
     
    Kind of depends. How did you run the scanner? Did it
    find this 'hole' running as an administrator, or via a
    null session?

    > how on earth can i disable this HUGE security hole ?

    Well, again, that sort of depends. What are you
    protecting from? If you're behind a firewall, and
    you're NAT'd, the direct external threats to your
    internal systems may be minimal.

    However, it may just be best to disable NetBIOS on all
    of your NICs. But then, that would prevent a lot of
    functionality that you may need on your network.

    __________________________________________________
    Do You Yahoo!?
    Send FREE video emails in Yahoo! Mail!
    http://promo.yahoo.com/videomail/