From: Derek (derekmrogers.com)
Date: Tue Apr 09 2002 - 06:37:27 CDT

    However, beware of Microsoft implementations of PPTP to secure
    your MMC sessions.

    To quote:
    http://www.counterpane.com/pptp-faq.html

    1. What did Bruce Schneier and Mudge actually do?
    They found security flaws in Microsoft PPTP that allow attacks to
    sniff passwords across the network, break the encryption scheme
    and read confidential data, and mount denial of service attacks
    against PPTP servers. They did not find flaws in PPTP, only in
    Microsoft's implementation of it.

    Derek

    ----- Original Message -----
    From: "Free, Bob" <RWF4pge.com>
    To: "'Jason Yates'" <jyatesdataservice.org>;
    <focus-mssecurityfocus.com>
    Sent: Thursday, April 04, 2002 7:35 PM
    Subject: RE: Internet Services Manager

    > See ISM/MMC Does Not Work Through a Firewall [Q218471]
    >
    > CAUSE
    > =====
    >
    > This is by design. If the MMC ISM was configured to operate through a
    > firewall using TCP port-based security alone, particularly by opening
    > additional TCP ports, it could potentially expose sensitive configuration
    > information to the Internet.
    >
    > The HTMLA uses TCP port 80, which is open on most firewalls for Web traffic
    > and sites.
    >
    > HTTP and FTP are well defined by firewalls, which make these protocols more
    > secure.
    >
    > RESOLUTION
    > ==========
    >
    > To resolve this issue, do one of the following:
    >
    > Use HTMLA over SSL
    > ------------------
    >
    > Use the HTML version of the Internet Service Manager (also known as the HTML
    > Administration or HTMLA) over SSL. This uses HTTP-based security, which will
    > require additional configurations mentioned in the online documentation for
    > the Windows NT Option Pack.
    >
    > -OR-
    >
    > Use the ISM MMC over PPTP
    > -------------------------
    >
    > Use Point-to-Point Tunneling Protocol (PPTP) to tunnel through the firewall.
    > The ISM MMC can be used on the secure PPTP connection. This will also require
    > additional configurations.
    >
    >
    > -----Original Message-----
    > From: Jason Yates [mailto:jyatesdataservice.org]
    > Sent: Thursday, April 04, 2002 1:57 PM
    > To: 'focus-mssecurityfocus.com'
    > Subject: Internet Services Manager
    >
    >
    > I'm trying to use Internet Services Manager snap-in on a web server
    > located in our internal network. The web server is running Win2k and
    > IIS 5.0. At first, I was connecting fine. I've added TCP/IP filtering
    > to the remote machine, and now I can't connect. What ports does ISM use
    > anyway?
    >
    > I'm allowing UDP and TCP connection to port 137-139 and just TCP to port
    > 80. All other filtering is taken care of in the outside firewall.
    >
    > -Jason
    >
    >