Full Disclosure mailing list archives
Re: Odd Behavior - Windows Messenger Service
From: Neil McKellar <mckellar () telusplanet net>
Date: Thu, 17 Jul 2003 12:55:46 -0600
Schmehl, Paul L wrote:
But, back to your original complaint, which was that remote services should not be available until you login to the console.....I'm willing to bet that *many* people who use *nix as a workstation, *even at home*, allow *at least* ssh sessions remotely. And there are KaZaA lovers worldwide who are offering remote access to files, on numerous Oses, even when they're not at home and logged in.
I was wondering about this as well. Even if you don't run a local FTP, HTTP, NFS, SMB, SSH, or other service on your local Linux workstation, you're guaranteed to be bringing up parts of the system to talk to the network during the boot process. Chances are you're broadcasting for DHCP. If you're a thin-client, you may be asking for tftp or bootp even before that. If you're running a virus scanner, it may be starting in the background, downloading updates automatically from a central server and scanning files. If you've got NIS, ADS, or Kerberos or something running, you may be hooking into local authentication systems. These things are all true for Windows workstations and Mac workstations, too.
All these things require network connectivity, imply levels of trust with services inside the local network, and may be vulnerable to spoofing locally. Even the order in which these things become available may result in greater or lesser exposure.
You don't want your workstations talking to the network or running local services with network connectivity before the user logs in? Well, when is it renewing the DHCP lease? How are you remotely pushing software updates or virus updates to those 1,000+ users? How are you remotely administering the workstation at all? How are you running backups over the network, if you need to do such things?
If you need complete lockdown on all these things, then this is no normal workstation and shouldn't be treated as such. Don't be surprised if the default install isn't fulfilling your needs.
-- Neil (mckellar () telusplanet net) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Odd Behavior - Windows Messenger Service, (continued)
- RE: Odd Behavior - Windows Messenger Service ops-lists (Jul 17)
- Re: Odd Behavior - Windows Messenger Service morning_wood (Jul 17)
- Re: Odd Behavior - Windows Messenger Service Darren Bennett (Jul 16)
- RE: Odd Behavior - Windows Messenger Service David Vincent (Jul 16)
- RE: Odd Behavior - Windows Messenger Service Jay Sulzberger (Jul 16)
- Re: Odd Behavior - Windows Messenger Service jklemenc (Jul 16)
- Re: Odd Behavior - Windows Messenger Service morning_wood (Jul 16)
- RE: Odd Behavior - Windows Messenger Service Schmehl, Paul L (Jul 17)
- Re: Odd Behavior - Windows Messenger Service morning_wood (Jul 17)
- RE: Odd Behavior - Windows Messenger Service Schmehl, Paul L (Jul 17)
- Re: Odd Behavior - Windows Messenger Service Neil McKellar (Jul 17)
- Re: Odd Behavior - Windows Messenger Service Ron DuFresne (Jul 17)
- Re: Odd Behavior - Windows Messenger Service Jay Sulzberger (Jul 17)
- Re: Odd Behavior - Windows Messenger Service morning_wood (Jul 17)
- Re: Odd Behavior - Windows Messenger Service Jay Sulzberger (Jul 17)
- Re: Odd Behavior - Windows Messenger Service gregh (Jul 17)
- Re: Odd Behavior - Windows Messenger Service Neil McKellar (Jul 17)
- Re: Fw: Re: Odd Behavior - Windows Messenger Service Valdis . Kletnieks (Jul 19)
- Re: Fw: Re: Odd Behavior - Windows Messenger Service Jay Sulzberger (Jul 19)