RE: [fw-wiz] terminal services

From: R. DuFresne (dufresne@sysinfo.com)
Date: 01/28/03

• Next message: Paul D. Robertson: "RE: [fw-wiz] terminal services"
• Previous message: Duncan Sharp: "Re: [fw-wiz] terminal services"
• In reply to: Noonan, Wesley: "RE: [fw-wiz] terminal services"
• Next in thread: Paul D. Robertson: "RE: [fw-wiz] terminal services"
• Reply: Paul D. Robertson: "RE: [fw-wiz] terminal services"
• Reply: m p: "RE: firewall design (was: RE: [fw-wiz] terminal services )"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "R. DuFresne" <dufresne@sysinfo.com>
To: "Noonan, Wesley" <Wesley_Noonan@bmc.com>
Date: Tue Jan 28 17:39:01 2003

On Tue, 28 Jan 2003, Noonan, Wesley wrote:

        [SNIP]

>
> I actually disagree here. The issue with slammer/sapphire is precisely that
> people didn't patch their machines. Let's review some of the recent history.

didn't patch their machines and didn;'t heed all the information available
the last time M$-SQL was hit. Other discussions in various lists the past
few days have folks claiming they had no prior warning that port 1434 was
a point of caution deserving incomong and outgoing blocks. Though, as
someone in one of those discussions mentioned, often the information made
available on a threat, often gets read and interpreted in far too strict
and narrow a sense to deal with a potential threat in a decisive manner
the first time out.

Thanks,

Ron DuFresne

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!

---

• Next message: Paul D. Robertson: "RE: [fw-wiz] terminal services"
• Previous message: Duncan Sharp: "Re: [fw-wiz] terminal services"
• In reply to: Noonan, Wesley: "RE: [fw-wiz] terminal services"
• Next in thread: Paul D. Robertson: "RE: [fw-wiz] terminal services"
• Reply: Paul D. Robertson: "RE: [fw-wiz] terminal services"
• Reply: m p: "RE: firewall design (was: RE: [fw-wiz] terminal services )"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Automatically patching machine with hotfix KB824146 using mbsafu. ... I didn't want to spend as many hours patching machines with KB824146 exploit ... Mbsafu is an automatic remote patching tool that applies Security updates ... Download and install mbsa. ... Setup a network share with full privileges for the account you will patch ... (NT-Bugtraq) Re: Event ID 6161 for HP 6840 ... patch related to an exposure via the print spooler service. ... download which offers the option of a local port. ... >> There were no problems with the install and the printer works find so long ... >> 3) All machines on the network can connect to the printer via Internet ... (microsoft.public.windowsxp.print_fax) Re: [fw-wiz] terminal services ... >> pointing out the danger of opening extra holes in your firewall. ... >that a VPN is a hole in the firewall, albeit generally a mitigated hole, ... >people didn't patch their machines. ... (Firewall-Wizards) Re: 5.3-RELEASE TODO ... I haven't tested the last one (memory tuning on 4GB machines) ... * There may be a problem with swapping: ... >> He suggested a patch, but it did not fix the problem. ... (freebsd-current) Re: Problems with MS01-052 ... I have had 34 reports so far of the patch causing problems on Windows ... machines you're applying it to). ... expected there'd be a world-wide DoS attack against Terminal Services ... Microsoft Exchange 2000 between October 1 and November 16. ... (NT-Bugtraq)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)