Security Basics mailing list archives
Re: Windows Server 2003
From: "Meritt James" <meritt_james () bah com>
Date: Thu, 11 Sep 2003 10:39:19 -0400
Unfortunately, aftther it is removed from the box it is turned on and connected. No longer is it 'secure'. :-( Those configurations put in place by the manufacturer are often established for performance (they do want to sell the box, after all), testing, and are widely known (by the 'baddies). A traditionally poor combination for any system. Recommendation: Do not use the defaults. Chris Halverson wrote:
What does everyone think of the hype around Windows Server 2003 being secure by default? Has anyone implemented one in your environment? Chris --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
-- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566 --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Re: Windows Server 2003, (continued)
- Re: Windows Server 2003 Hendra Santosa (Sep 12)
- Re: Windows Server 2003 Ansgar Wiechers (Sep 15)
- Re: Windows Server 2003 Jimi Thompson (Sep 15)
- RE: Windows Server 2003 Chris Wanstrath (Sep 10)
- Re: Windows Server 2003 Kevin L Keathley (Sep 11)
- RE: Windows Server 2003 Joey Peloquin (Sep 11)
- RE: Windows Server 2003 Davitt J. Potter (Sep 12)
- Re: Windows Server 2003 Sean Earp (Sep 10)
- Re: Windows Server 2003 Tim Syratt (Sep 11)
- Re: Windows Server 2003 Jimi Thompson (Sep 11)
- Re: Windows Server 2003 Meritt James (Sep 11)
- Re: Windows Server 2003 @Lx (Sep 11)
- RE: Windows Server 2003 Robert Mezzone (Sep 10)
- FW: Windows Server 2003 Halverson, Chris (Sep 11)
- Re: FW: Windows Server 2003 Tim Syratt (Sep 11)
- RE: Windows Server 2003 Doug Massey (Sep 11)
- RE: Windows Server 2003 Larry Seltzer (Sep 11)
- 'Shutdown Reason' in Windows 2000? (was: RE: Windows Server 2003) Alexander Suhovey (Sep 15)
- RE: Windows Server 2003 Larry Seltzer (Sep 11)
- RE: Windows Server 2003 Halverson, Chris (Sep 11)
- RE: Windows Server 2003 c_brauckmiller (Sep 11)
- Re: Windows Server 2003 A J Hammond (Sep 11)