Re: how prevelant

["Paul D. Robertson" <paul () compuwar net>]

On Fri, 8 Oct 2004, R. DuFresne wrote:

> how common is it for a company to have it's NT domain and novell
> athentication pass openly across the internet, and have this be the
> requirement to access VPN tunnel rights from outside into the company?

On purpose?  Probably pretty uncommon these days.  There were some
Microsoft products that required it for Web server management- I don't
recall the product or the exact setup that required it, but outside of a
hosting environment, it's not all that common.

> The firewalls I manage keep all windows related protocols in the 135-139,
> 445 and 5000 ports arenas internal only, none f this traffic passes
> outside the firewalls, none is allowedto pass outside, unltess tunneled.
> Is this not a standard practise with any org with half a clue of security,
> or am I being more tightfisted with access and control then is the norm?

It's pretty standard in my experience, though I'm just about to data mine
every external port scan we've ever run to make sure my experiences match
the real world for a similar but unrelated issue.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards