[TOOL] IPFront - Windows 2000 and 2003 Hardening GUI

From: SecuriTeam (support_at_securiteam.com)
Date: 11/25/04

  • Next message: SecuriTeam: "[EXPL] Winamp IN_CDDA.dll Remote Buffer Overflow Exploit" 
    To: list@securiteam.com
Date: 25 Nov 2004 14:07:25 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      IPFront - Windows 2000 and 2003 Hardening GUI
    ------------------------------------------------------------------------

    SUMMARY

    DETAILS

    IPFront is a small Open Source tool written in HTA, developed for
    administrators in charge of Widows 2000/2003 hardening.

    Although it is certain that both platforms have a certain amount of
    utilities to do this task (GPOs, Groups of Baseline, etc.), administrators
    of systems Windows often are seen in the necessity to navigate different
    windows from its graphical interface at the time of establishing simple
    filtering rules of traffic by means of IPSec policies, that accompany the
    correct process by Hardening of their platform.

    There are in Windows 2003, and in the Resource Kit for Windows 2000,
    command line utilities to make powerful scripts to implement IPSec rules,
    but its syntax i probably not well-known by inexperienced administrators,
    or they may even be, sadly, not interested in learning them.

    In short, IPFront is nothing more that a small Front End that receives
    direction on the behalf of the user, and then creating small script that
    one can later execute from IPFront or be transferred and executed in other
    servers. IPFront also has two buttons that make possible to make some
    changes in the registry of Windows, with the object of hardening some
    aspects of the treatment of packets by the TCP/IP stack, and removing
    existing exceptions in the implementation of IPSec in Windows (Please
    refer to IPFronts help to know more about this).

    Installation Requirements:
    Although IPfront does not require installation, its total functionality in
    systems Windows 2000, is obtained with the implementation of component
    IPSECPOL.EXE developed by Microsoft, which is included in the Resource
    Kit, or through Microsoft's Web site. Please review the documentation of
    IPSECPOL.EXE in order to make the correct installation of this component
    if you require to execute the application or script resulting in the
    system to assure.

    At the time of writing these lines, is available in the following URL:
    <http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/ipsecpol-o.asp> http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/ipsecpol-o.asp

     - Windows 2000 Professional SP 4
     - Windows 2000 Server SP 4
     - Windows 2000 Advance Server SP 4
     - Windows Server 2003
     - Internet Explorer 5,5 SP 1 or Later
     - User with privileges of Administrator and component IPSECPOL.EXE of the
    Windows 2000 Resource Kit, in case of requiring TO APPLY the rules created
    by means of IPFront (In this case IPSECPOL.EXE it will have to be in path
    or the same directory that IPFront.hta)

    Download Information:
    The tool can be obtained from:
    http://www.hernanracciatti.com.ar/ipfront/images/ZipFile.gif

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:hracciatti@gmail.com> Hernan
    Racciatti.
    To keep updated with the tool visit the project's homepage at:
    <http://www.hernanracciatti.com.ar/ipfront/index.htm>
    http://www.hernanracciatti.com.ar/ipfront/index.htm

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[EXPL] Winamp IN_CDDA.dll Remote Buffer Overflow Exploit"

    Relevant Pages