RE: Windows Server 2003

["Andrew Ruef" <jabberwocky () mediasoft net>]

Yes, actually. Many ideas. Starting with patching. 

I have a windows 2003 vmware machine as a test domain controller and
another up as a test domain name server right now and neither of them
were successfully infected by msblast or kaht2. Granted I don't have any
code for the new rpc vuln but I patched for that an hour ago so I should
be fine too. 

I think what he means is, in windows 2000 server and advanced server, it
would install with IIS running by default, with a default FTP, HTTP and
SMTP server running. Although maybe those were install options too. It
wouldn't surprise me if I was wrong.

But in Windows 2003 you install no services when you install the OS. You
must add them when you are in the operating system. Which is I believe
what he meant.

Then again I am also very stupid.

Andrew Ruef

-----Original Message-----
From: Krill T [mailto:kirill () sdf lonestar org] 
Sent: Wednesday, September 10, 2003 10:15 PM
To: Andrew Ruef
Cc: security-basics () securityfocus com
Subject: RE: Windows Server 2003

Helo !

Win 2003 isn't secure by default !
I catched MsBlast via RPC in win 2003

Same happend with several WinXP boxes.

Any ideas?

Best regards,


Kirill I. Tavobilov

Unix SysAdmin
Chief Security Engineer
Omsk State Customs

customs () omsknet ru
www.customs.ru

On Wed, 10 Sep 2003, Andrew Ruef wrote:

> Date: Wed, 10 Sep 2003 16:33:38 -0400
> From: Andrew Ruef <jabberwocky () mediasoft net>
> To: security-basics () securityfocus com
> Subject: RE: Windows Server 2003
>
> Secure in the same way OpenBSD is, Windows 2003 dosen't run any
services
> by default.
>
> Andrew ruef
>
> -----Original Message-----
> From: Chris Halverson [mailto:chris.halverson () encana com]
> Sent: Wednesday, September 10, 2003 8:38 AM
> To: security-basics () securityfocus com
> Subject: Windows Server 2003
>
>
>
> What does everyone think of the hype around Windows Server 2003 being
>
> secure by default?   Has anyone implemented one in your environment?
>
>
>
>
>
> Chris
------------------------------------------------------------------------
> ---
> Captus Networks
> Are you prepared for the next Sobig & Blaster?
>  - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
>  - Precisely Define and Implement Network Security
>  - Automatically Control P2P, IM and Spam Traffic
> FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
> http://www.captusnetworks.com/ads/42.htm
------------------------------------------------------------------------
> ----
------------------------------------------------------------------------
---
> Captus Networks
> Are you prepared for the next Sobig & Blaster?
>  - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
>  - Precisely Define and Implement Network Security
>  - Automatically Control P2P, IM and Spam Traffic
> FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
> http://www.captusnetworks.com/ads/42.htm
------------------------------------------------------------------------
----
>

kirill () sdf lonestar org
SDF Public Access UNIX System - http://sdf.lonestar.org


---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------