Security Basics mailing list archives
RE: fax software in the domain
From: "Rocky Heckman" <rocky.he () g-wizinnovations com>
Date: Tue, 27 Jul 2004 09:22:48 +1000
Remove the PC from the network... While I'm only kidding about that because it's probably not practical, it is the only way you can positively guarantee that his PC won't be a threat on the network.

Make sure that the fax software is set to not answer the line. Lock down the login accounts on the machine so that only domain authenticated accounts can log on (kill the guest account, disable the IUSRxxxxx and IWAMxxxxx accounts (or equivalent)). Make sure that you aren't running File and Printer Sharing on that machine. Disable the Administrative Shares if possible.

Also make sure that the XP machine isn't running Internet Connection Sharing. A dialed in user can use that machine as a bridge to launch attacks from through the machine's internet connection. You'll want to kill off any of the Bridging connections that XP creates in the Network Connections too. You'll need to make sure that any/all remote access settings on the machine are set to Deny. Make sure the firewall is enabled (although that doesn't help if someone dials in to the machine and gets a connection that way.) Make sure the machine doesn't have Remote Desktop Connection installed.

You will probably want to install some sort of firewall like the XP SP2 one or even Zone Alarm that tries to prevent outbound connections without specific authorization. While this won't stop all the outbound attacks/attempts it will catch the amateurs. Of course, if they managed to dial in to the machine and get a remote desktop, they can just disable it. So make sure if you install that kind of system that you password protect it so that it requires a different password than the login to enable outbound connections.

This is probably not a comprehensive list, and some of the suggestions may not even work for you. I was just trying to think of the ways I'd use a remote XP machine.

All that being said, a better alternative might be to move the modem to a server that you can lock down.
Install some network fax software so that he can still send his faxes from his computer, but you get to control the modem and the machine it's on. Servers normally have much better RAS controls on them than desktops anyway. Besides, if you did this, then everyone would be able to fax from their computer while decreasing the risk to your network.

RH

-----Original Message-----
From: Juan B [mailto:juanbabi () yahoo com]
Sent: Saturday, 24 July 2004 8:06 PM
To: security-basics () securityfocus com
Subject: fax software in the domain

Hi,

In my domain we have w2k servers and the workstations we use xp pro. On the station of one employee he must use also a fax with a modem connected to the telephone line. I think that this is a security problem. I can't remove the fax from his PC. My question is what are the steps to protect this PC from being a security problem to all the network?

thanks !!
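An added example, not part of the original message: a small audit that checks captured command output against five items from the checklist in the reply above (Guest account, incoming remote access, Remote Desktop, firewall, administrative shares). It assumes an XP SP2 workstation, the standard `RemoteAccess` service name and the `fDenyTSConnections`, `EnableFirewall` and `AutoShareWks` registry values, and it reads the Remote Desktop item as "incoming connections denied"; the sample output is constructed.

```python
import re

# Constructed sample (not from the post): output of `net user guest`,
# `sc query RemoteAccess` and three `reg query` calls on a hypothetical XP SP2 PC.
SAMPLE = r"""
Account active               Yes
SERVICE_NAME: RemoteAccess
        STATE              : 4  RUNNING
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
    fDenyTSConnections    REG_DWORD    0x1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    EnableFirewall    REG_DWORD    0x0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
    Lmannounce    REG_DWORD    0x0
"""

REG_CHECKS = [  # (value path suffix, required DWORD, checklist item it verifies)
    (r"control\terminal server\fdenytsconnections", 1, "Remote Desktop connections denied"),
    (r"firewallpolicy\standardprofile\enablefirewall", 1, "XP SP2 firewall enabled"),
    (r"lanmanserver\parameters\autosharewks", 0, "administrative shares disabled"),
]

def reg_dwords(text):
    """Return {'<key>\\<value>' lower-cased: int} for each REG_DWORD in reg query output."""
    found, key = {}, ""
    for line in text.splitlines():
        m = re.match(r"\s+(\S+)\s+REG_DWORD\s+0x([0-9a-fA-F]+)", line)
        if line.startswith("HKEY_"):
            key = line.strip().lower()
        elif m:
            found[key + "\\" + m.group(1).lower()] = int(m.group(2), 16)
    return found

def audit(text):
    """Return the checklist items that the captured output fails, in a fixed order."""
    failed = []
    guest = re.search(r"^Account active\s+(\w+)", text, re.M)
    if not guest or guest.group(1).lower() != "no":
        failed.append("Guest account disabled")
    ras = re.search(r"SERVICE_NAME:\s*RemoteAccess\s.*?STATE\s*:\s*\d+\s+(\w+)", text, re.S | re.I)
    if not ras or ras.group(1) != "STOPPED":
        failed.append("incoming remote access service stopped")
    dwords = reg_dwords(text)
    for suffix, want, item in REG_CHECKS:
        values = [v for k, v in dwords.items() if k.endswith(suffix)]
        if values != [want]:  # a value that is absent counts as a failure
            failed.append(item)
    return failed

print("\n".join("FAIL: " + item for item in audit(SAMPLE)))
```

A value that is missing from the capture is reported as a failure, which matters for `AutoShareWks`: when it is absent, the administrative shares are created by default.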
Current thread:
- fax software in the domain Juan B (Jul 26)
- RE: fax software in the domain Rocky Heckman (Jul 27)
- RE: fax software in the domain Murad Talukdar (Jul 27)
- RE: fax software in the domain Ed Spencer (Jul 27)
- <Possible follow-ups>
- RE: fax software in the domain Depp, Dennis M. (Jul 26)
- RE: fax software in the domain Henry, Christopher M. (Jul 29)
- RE: fax software in the domain Ed Spencer (Jul 30)
- RE: fax software in the domain Rocky Heckman (Jul 30)