Security Basics mailing list archives
Re: Windows Server 2003
From: "Steve" <securityfocus () delahunty com>
Date: Thu, 11 Sep 2003 17:28:53 -0400
Microsoft ran a great webinar for the Network Professional Association (NPA) solely on the topic of Windows 2003 Server security. I know some of you would say "that must have been a short seminar". But it was really fantastic and went into deep detail about the improvements to security Microsoft has implemented in Windows Server 2003 as well as the amount of time they put into that effort. I believe that it is much more secure than previous versions of the Windows network operating system. You can still view that mshow presentation, use this URL and click on the welcome screen when it comes up, ignore how it notes the show starts at 2:30pm PST. It also takes like 5 minutes to get past the first screen introductions and information about the presenters, but it is worth it. http://invite.Mshow.com/signon.asp?Cobrand=100&usertype=0&ShowNum=106142 The presentation covered Microsoft's enhanced effort to identify possible fail points and exploitable weaknesses. Topics included: Security Benefits, Group Policy Enhancements, Authentication, Object-based Access Control, Security Policy, Auditing, Active Directory and Security, Data Protection, Network Data Protection, Public Key Infrastructure (PKI), and Trusts. (NPA members received Windows Server 2003 Enterprise Edition with 25 CALS for free, still available right now as well for new members, pretty nice benefit) ----- Original Message ----- From: "Andrew Ruef" <jabberwocky () mediasoft net> To: "'Krill T'" <kirill () sdf lonestar org> Cc: <security-basics () securityfocus com> Sent: Wednesday, September 10, 2003 10:48 PM Subject: RE: Windows Server 2003 Yes, actually. Many ideas. Starting with patching. I have a windows 2003 vmware machine as a test domain controller and another up as a test domain name server right now and neither of them were successfully infected by msblast or kaht2. Granted I don't have any code for the new rpc vuln but I patched for that an hour ago so I should be fine too. I think what he means is, in windows 2000 server and advanced server, it would install with IIS running by default, with a default FTP, HTTP and SMTP server running. Although maybe those were install options too. It wouldn't surprise me if I was wrong. But in Windows 2003 you install no services when you install the OS. You must add them when you are in the operating system. Which is I believe what he meant. Then again I am also very stupid. Andrew Ruef -----Original Message----- From: Krill T [mailto:kirill () sdf lonestar org] Sent: Wednesday, September 10, 2003 10:15 PM To: Andrew Ruef Cc: security-basics () securityfocus com Subject: RE: Windows Server 2003 Helo ! Win 2003 isn't secure by default ! I catched MsBlast via RPC in win 2003 Same happend with several WinXP boxes. Any ideas? Best regards, Kirill I. Tavobilov Unix SysAdmin Chief Security Engineer Omsk State Customs customs () omsknet ru www.customs.ru On Wed, 10 Sep 2003, Andrew Ruef wrote:
Date: Wed, 10 Sep 2003 16:33:38 -0400 From: Andrew Ruef <jabberwocky () mediasoft net> To: security-basics () securityfocus com Subject: RE: Windows Server 2003 Secure in the same way OpenBSD is, Windows 2003 dosen't run any
services
by default. Andrew ruef -----Original Message----- From: Chris Halverson [mailto:chris.halverson () encana com] Sent: Wednesday, September 10, 2003 8:38 AM To: security-basics () securityfocus com Subject: Windows Server 2003 What does everyone think of the hype around Windows Server 2003 being secure by default? Has anyone implemented one in your environment? Chris
------------------------------------------------------------------------
--- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm
------------------------------------------------------------------------
----
------------------------------------------------------------------------ ---
Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm
------------------------------------------------------------------------ ----
kirill () sdf lonestar org SDF Public Access UNIX System - http://sdf.lonestar.org --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Windows Server 2003 Chris Halverson (Sep 10)
- RE: Windows Server 2003 Joey Peloquin (Sep 10)
- RE: Windows Server 2003 Edrean Ernst (Sep 10)
- RE: Windows Server 2003 Andrew Ruef (Sep 10)
- RE: Windows Server 2003 dave kleiman (Sep 11)
- RE: Windows Server 2003 Krill T (Sep 11)
- RE: Windows Server 2003 Andrew Ruef (Sep 11)
- Re: Windows Server 2003 Steve (Sep 11)
- Re: Windows Server 2003 Ansgar Wiechers (Sep 11)
- Re: Windows Server 2003 Hendra Santosa (Sep 12)
- Re: Windows Server 2003 Ansgar Wiechers (Sep 15)
- Re: Windows Server 2003 Jimi Thompson (Sep 15)
- Re: Windows Server 2003 Kevin L Keathley (Sep 11)
- RE: Windows Server 2003 Joey Peloquin (Sep 11)
- RE: Windows Server 2003 Davitt J. Potter (Sep 12)
- Re: Windows Server 2003 Tim Syratt (Sep 11)