Full Disclosure mailing list archives

Gate


From: Aycan iRiCAN <aycan.irican () core gen tr>
Date: Sun, 11 May 2008 16:08:35 +0300


An officially declared open hole.

http://www.cit.nih.gov/Support/FAQ/Fdcc/

 31.      What's the proper configuration of the Windows XP personal
 firewall to allow for configuration scanning by the NIH Incident
 Response Team (NIH IRT)?

 As part of this program, OMB also requires verification of compliance
 with FDCC requirements using Security Content Automation Protocol (SCAP)
 scanning tools.  NIH and HHS are in the process of acquiring SCAP
 technology which will allow ICs to check their configurations as well
 as to provide reports to HHS and to the HHS Office of the Inspector
 General (OIG) upon request.  Due to Windows XP firewall limitations, the
 capability to allow authorized scanning tools to audit systems for
 vulnerabilities is not feasible in light of FDCC. Scanning for
 vulnerabilities using traditional methods will be supplemented with the
 IRT's capability to conduct configuration scans of desktops and laptops
 using SCAP tools. The addition of these configuration audits along with
 the use of the Windows firewall will offset the risk of not using the
 traditional vulnerability scanning methods for workstations and
 laptops. Public-facing servers are not bound by FDCC and therefore
 traditional methods of vulnerability scanning will not be affected.

 FDCC Firewall Configuration to support NIH IRT compliance scanning:
 The File and Print Sharing and Server services must be enabled.
 With the Windows firewall enabled, the following ports must be enabled:
 TCP 139
 TCP 445
 UDP 137
 UDP 138

 This document is at http://irm.cit.nih.gov/security/FDCC_Waivers.doc

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
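The FAQ names the four NetBIOS/SMB ports but says nothing about which source addresses the exception should admit. On Windows XP SP2 the built-in firewall can scope an exception to a set of addresses and to the domain profile only. The script below is an added example for comparison, not text from the NIH document or the poster; the scanner range 10.1.2.0/24 is a placeholder, and the host is assumed to be domain-joined.

```batch
@echo off
rem Added example (not from the NIH FAQ). Placeholder scanner range: 10.1.2.0/24.

rem Weak form: the ports the FAQ lists, opened to every source on every profile.
rem Shown commented out for comparison only.
rem netsh firewall set portopening protocol=TCP port=139 name="NetBIOS-ssn" mode=ENABLE scope=ALL profile=ALL
rem netsh firewall set portopening protocol=TCP port=445 name="SMB"         mode=ENABLE scope=ALL profile=ALL
rem netsh firewall set portopening protocol=UDP port=137 name="NetBIOS-ns"  mode=ENABLE scope=ALL profile=ALL
rem netsh firewall set portopening protocol=UDP port=138 name="NetBIOS-dgm" mode=ENABLE scope=ALL profile=ALL

rem Narrower form: enable the File and Print Sharing exception (which covers
rem TCP 139/445 and UDP 137/138) only for the scanner subnet and only while
rem the machine is on the domain profile, so a laptop on a hotel network
rem does not expose the ports at all.
netsh firewall set service type=FILEANDPRINT mode=ENABLE scope=CUSTOM addresses=10.1.2.0/24 profile=DOMAIN

rem Keep the standard (non-domain) profile closed for this service.
netsh firewall set service type=FILEANDPRINT mode=DISABLE profile=STANDARD

rem Log dropped packets so unexpected probes of these ports can be reviewed.
netsh firewall set logging droppedpackets=ENABLE

rem Show the effective configuration so the scope can be verified.
netsh firewall show service
netsh firewall show state
```

`netsh firewall show service` should list File and Print Sharing with the custom scope on the domain profile and disabled on the standard profile; any entry showing scope ALL means the exception is still open to every source.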
