Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Windows desktops and fileservice

From: Gary Dobbins <dobbins () ND EDU>
Date: Mon, 15 Jul 2002 17:03:12 -0500
Group,

Am curious to know if any site has adopted (or considered) a practice
of routinely disabling Windows' built-in "server" services by default
for personal desktop systems.

Am evaluating the feasibility of a practice where we'd make these
"features" in Windows inert by default, rather than active and
listening.  We already block their ports at the border, but their
being active leaves them available for intra-LAN propagation of worms,
for example.

Anyone been down this road with their Windows groups, and have any
conclusions or thoughts to share?

  ------------------------------------------------------------
  Gary Dobbins -- dobbins () nd edu
  Director, Information Security
  University of Notre Dame, Office of Information Technologies
  Voice: 574.631.5554
  ------------------------------------------------------------

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: