Security Basics mailing list archives
information harvesting from within the network
From: "ddjjembe 2" <ddjjembe2 () hotmail com>
Date: Fri, 20 May 2005 02:39:36 +0000
Background:I work in a university that has university typical security practices. Currently any authenticated user can scan the parts of the network with tools like LANguard or Nessus and obtain a considerable amount of information from them. Most of the computers in our network are windows computers. We also have departments with MACs and *nix machines.
Goal:If possible, lock down the Windows computers with group policies and/or templates to disable this potential unauthorized information harvesting users and then restrict scanning ability to the security group with LDAP permissions. Am I on the right track here?
I would like to achieve this without using a host based firewall.Group policies have large pool of settings to pick from. Narrowing it down to a few that disable at least portions would be appreciated.
Thanks, ddjembe _________________________________________________________________Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
Current thread:
- information harvesting from within the network ddjjembe 2 (May 20)
- RE: information harvesting from within the network Jason Lopez (May 23)
- Re: information harvesting from within the network Alexander Klimov (May 23)
- <Possible follow-ups>
- RE: information harvesting from within the network Beauford, Jason (May 20)
- RE: information harvesting from within the network D Adler (May 23)
- RE: information harvesting from within the network Andrew Shore (May 23)
- Re: information harvesting from within the network Micheal Espinola Jr (May 24)
- Re: information harvesting from within the network Henry Anslinger (May 26)