RE: SIM Tools, and endpoint security.

[THolman () toplayer com]

Hi Drew,

I'm referring to Windows File Protection -
http://support.microsoft.com/kb/310747/EN-US/

This is configurable via Group Policy and offers 100% protection of system
files on the intended target.

..add to this Windows XP SP2, then you've got a pretty rock solid
workstation base that is not open to infection (as the firewall doesn't
allow anything in), and maintains integrity of system files (so malicious
code can't take over the system).

There's quite a lot more to Microsoft's OS security that often gets
overlooked, and many sysadmins are steered away from this with clever
marcoms and end up buying 3rd party applications to fill the gap.

My point is, be 100% sure that what you've got cannot do what you want,
before you go and buy something else!  ;)

Regards,

Tim 


-----Original Message-----
From: Drew Simonis [mailto:simonis () myself com] 
Sent: 20 May 2005 14:53
To: THolman () toplayer com; focus-ids () securityfocus com
Subject: RE: SIM Tools, and endpoint security.

> Don't discount the power of Microsoft Group Policy at a desktop level -
they
> offer state of the art file integrity checking systems that are far more
> cost-effective and comprehensive than the 3rd party add-ons that
proliferate
> the market.

Huh? I've not see how Group Policy does "state of the art file integrity 
checking".  Can you clarify?

-Ds

-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------