Security Basics mailing list archives

Re: Windows Server 2003

From: "Kevin L Keathley" <cybernigma () satx rr com>
Date: Wed, 10 Sep 2003 20:15:41 -0500

I've been running it for some time with no problems.  I will point out
however that I keep it firewalled (even using its built-in/rather limited
firewall seems to do the job) and up-to-date with the patches.  I've scanned
it while on another network and of course the firewall makes it pretty much
disappear, but there are quite a few things open without the firewall..
   As far as the shutdown dialog, hopefully this will help you out a bit :-)
   http://dotnetguy.techieswithcats.com/archives/003718.shtml
----- Original Message ----- 
From: "Chris Wanstrath" <chrisw () cinci rr com>
To: <security-basics () securityfocus com>
Sent: Wednesday, September 10, 2003 1:27 PM
Subject: RE: Windows Server 2003

I've been using it since June and my very first impression (and the
first impression of everyone I've talked to who has used it) is hate for
the new shutdown feature.  You are forced to select a reason you are
shutting down your computer and if there is an unexpected shutdown, you
are forced to explain why the computer turned off.  Sure, this doesn't
seem security-related but I think it has everything do with security.
Microsoft is saying that their system is so secure you won't have to
almost ever shut it down, and when you do you'd better have a damn good
reason.  I found myself shutting down my server quite frequently in the
first few weeks, installing software and SQL and such.

As far as secure by default, I am running the server behind a firewall
so I don't have the Microsoft firewall or any third party firewall
setup.  I am running an FTP server (IIS), HTTP server (IIS), SMTP
server, POP3 server, and SQL.  I haven't touched any of the default
security settings because I'm using the 6-month Microsoft evaluation to
test software on it.  It's by no means a primary server, but here is
what NMap turns up on a portscan with the default security settings...

Port       State       Service
21/tcp     open        ftp
25/tcp     open        smtp
80/tcp     open        http
110/tcp    open        pop-3
135/tcp    open        loc-srv
139/tcp    open        netbios-ssn
445/tcp    open        microsoft-ds
1025/tcp   open        NFS-or-IIS
1026/tcp   open        LSA-or-nterm
1027/tcp   open        IIS
1030/tcp   open        iad1
1433/tcp   open        ms-sql-s
2105/tcp   open        eklogin
3052/tcp   open        PowerChute
3389/tcp   open        ms-term-serv

Doesn't look like the most secure box in my network, that's for sure.

--
Chris Wanstrath : chrisw () cinci rr com
LW Consulting   : www.lw-consulting.com

-----Original Message-----
From: Chris Halverson [mailto:chris.halverson () encana com]
Sent: Wednesday, September 10, 2003 7:38 AM
To: security-basics () securityfocus com
Subject: Windows Server 2003



What does everyone think of the hype around Windows Server 2003 being

secure by default?   Has anyone implemented one in your environment?





Chris

------------------------------------------------------------------------
--

-
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm

------------------------------------------------------------------------
--

--



--------------------------------------------------------------------------

Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
--------------------------------------------------------------------------

--



---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

RE: Windows Server 2003, (continued)
- RE: Windows Server 2003 Andrew Ruef (Sep 10)
  - RE: Windows Server 2003 dave kleiman (Sep 11)
  - RE: Windows Server 2003 Krill T (Sep 11)
    - RE: Windows Server 2003 Andrew Ruef (Sep 11)
    - Re: Windows Server 2003 Steve (Sep 11)
    - Re: Windows Server 2003 Ansgar Wiechers (Sep 11)
    - Re: Windows Server 2003 Hendra Santosa (Sep 12)
    - Re: Windows Server 2003 Ansgar Wiechers (Sep 15)
    - Re: Windows Server 2003 Jimi Thompson (Sep 15)
- RE: Windows Server 2003 Chris Wanstrath (Sep 10)
  - Re: Windows Server 2003 Kevin L Keathley (Sep 11)
  - RE: Windows Server 2003 Joey Peloquin (Sep 11)
    - RE: Windows Server 2003 Davitt J. Potter (Sep 12)
- Re: Windows Server 2003 Sean Earp (Sep 10)
  - Re: Windows Server 2003 Tim Syratt (Sep 11)
- Re: Windows Server 2003 Jimi Thompson (Sep 11)
- Re: Windows Server 2003 Meritt James (Sep 11)
- Re: Windows Server 2003 @Lx (Sep 11)
- RE: Windows Server 2003 Robert Mezzone (Sep 10)
- FW: Windows Server 2003 Halverson, Chris (Sep 11)
  - Re: FW: Windows Server 2003 Tim Syratt (Sep 11)

(Thread continues...)