RE: Huge security breach in standard w2k install

From: RH (RH@beulah.org)
Date: 01/10/02 

From: RH <RH@beulah.org>
To: 'H C' <keydet89@yahoo.com>, "'focus-ms@securityfocus.com'" <focus-ms@securityfocus.com>, "'kc@proff-art.dk'" <kc@proff-art.dk>
Date: Thu, 10 Jan 2002 17:35:39 -0500

Exactly... scanning as an admin will reveal a lot more information of
course. I would recommend the use of Zone Alarm or Tiny Firewall on your
workstations; this will protect your workstation from internal and external
connection attempts if used correctly. There is seldom a need for other
users to connect to file shares on your workstation system, and these
products would allow connection on a case by case basis.
Firewalling also blocks scanner software too... ;-)

-----Original Message-----
From: H C [mailto:keydet89@yahoo.com]
Sent: Thursday, January 10, 2002 4:39 PM
To: Kenneth Christensen; focus-ms@securityfocus.com
Subject: Re: Huge security breach in standard w2k install

Here we go again...

> having installed the network scanner recommend in
> the mails on this thread,

Since you started this thread, I'm curious...which
scanner did you install?

> I discovered something horrific .. my own
> workstations at the office
> apperently expose both shares AND users/groups on
> the machines ( W2K Pro )
 
Kind of depends. How did you run the scanner? Did it
find this 'hole' running as an administrator, or via a
null session?

> how on earth can i disable this HUGE security hole ?

Well, again, that sort of depends. What are you
protecting from? If you're behind a firewall, and
you're NAT'd, the direct external threats to your
internal systems may be minimal.

However, it may just be best to disable NetBIOS on all
of your NICs. But then, that would prevent a lot of
functionality that you may need on your network.

__________________________________________________
Do You Yahoo!?
Send FREE video emails in Yahoo! Mail!
http://promo.yahoo.com/videomail/

Relevant Pages

  • RE: Huge security breach in standard w2k install
    ... I would also recommend that you might want to start scanning on a regular ... Nothing is 100% effective when it comes to security. ... workstations; this will protect your workstation from internal and external ... Firewalling also blocks scanner software too... ...
    (Focus-Microsoft)
  • Re: Suggest firewall for Win98se+ICS(dialup)+NAV
    ... > gateway for a peer-to-peer LAN with two workstations behind it? ... > Whatever software firewall you select should be capable of at least using ... There are no apps at all on the box I'm building for the client ...
    (comp.security.firewalls)
  • Re: Firewall
    ... the firewall, ... workstations the setting stays; the firewall is off. ... security barrier even if you also have a perimeter firewall. ... I use the security policy to handle most of our needs but the firewall ...
    (microsoft.public.windows.server.sbs)
  • Re: Questions About Windows Firewall and Domain Policy Enforcement (Updated Info)
    ... I have a Windows 2000 domain that has 200 workstations most of which are ... If we enable the firewall on the workstations then the domain ... SP2 settings on firewall activation). ... long as there is no Standard Profile configured. ...
    (microsoft.public.windows.group_policy)
  • Re: PPTP misery
    ... Domain PCs away from domain will not VPN. ... I am going to do what you ask re Firewall & Policy because I value your ... The only real difference between the domain workstations and the ... YourDomain.local> Group Policy Objects. ...
    (microsoft.public.windows.server.sbs)