Firewall Wizards mailing list archives

RE: terminal services


From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 28 Jan 2003 20:46:15 -0500 (EST)

On Tue, 28 Jan 2003, Paul D. Robertson wrote:

        [SNIP]


While I'm sure there needs to be some sort of patching discipline, it's 
not a simple or clear-cut thing.


Which seems to make a strong casepoint for the hardening of exposed hosts
and the continued need for well defined security perimeters at this point
in time still <security basics 101?>.  Which was the place this worm could
have and most likely should have had far less success in making the mess
that it did in the short time frame in question.  Imagine if the payload
had something more destructive in it...

A question here remains for those security folks who *didn't* block the
ports or at least proxy the connections in some safer manner.  Though, as
confusing as the M$ world is explained in Paul's and Russ's post and post
within, it seems nightmarish, it's no wonder many home machines would have
gotten hit, yet, with some of the reports of the networks that were
disrupted by this packet-spammer, it's amazing that security budgets
are still lacking and a commitment to strong security policy
compliance and enforcements are not in place within the financial
transaction methods now in place.  Not that government networks fare
any better for sure <new nightmares are so easy to happen across>...



Paul
[1] Disclaimer, TruSecure owns NTBugtraq too, and there's an advertisement 
for something or other (for our people certification thing even) tacked on 
to the post.  Might be advertising on the site too.  It's probably a plot to lure 
you all into our wiley list trap...

        As I said, please sign me up fer wiley's list Paul!


Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

