IDS mailing list archives
RE: SIM Tools, and endpoint security.
From: THolman () toplayer com
Date: Fri, 20 May 2005 17:55:29 -0400
Hi Drew, I'm referring to Windows File Protection - http://support.microsoft.com/kb/310747/EN-US/ This is configurable via Group Policy and offers 100% protection of system files on the intended target. ..add to this Windows XP SP2, then you've got a pretty rock solid workstation base that is not open to infection (as the firewall doesn't allow anything in), and maintains integrity of system files (so malicious code can't take over the system). There's quite a lot more to Microsoft's OS security that often gets overlooked, and many sysadmins are steered away from this with clever marcoms and end up buying 3rd party applications to fill the gap. My point is, be 100% sure that what you've got cannot do what you want, before you go and buy something else! ;) Regards, Tim -----Original Message----- From: Drew Simonis [mailto:simonis () myself com] Sent: 20 May 2005 14:53 To: THolman () toplayer com; focus-ids () securityfocus com Subject: RE: SIM Tools, and endpoint security.
Don't discount the power of Microsoft Group Policy at a desktop level -
they
offer state of the art file integrity checking systems that are far more cost-effective and comprehensive than the 3rd party add-ons that
proliferate
the market.
Huh? I've not see how Group Policy does "state of the art file integrity checking". Can you clarify? -Ds -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- RE: SIM Tools, and endpoint security. THolman (May 19)
- <Possible follow-ups>
- RE: SIM Tools, and endpoint security. Drew Simonis (May 24)
- RE: SIM Tools, and endpoint security. THolman (May 24)
- RE: SIM Tools, and endpoint security. Bill Royds (May 28)
- RE: SIM Tools, and endpoint security. Drew Simonis (May 28)