RE: Huge security breach in standard w2k install
From: Patrick S. Harper (lists@internetsecurityguru.com)Date: 01/11/02
- Previous message: Leon de France: "RE: Huge security breach in standard w2k install"
- Maybe in reply to: Kenneth Christensen: "Huge security breach in standard w2k install"
- Next in thread: Arnott James M Contr AEDC/TEK: "RE: Huge security breach in standard w2k install"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Patrick S. Harper" <lists@internetsecurityguru.com> To: "'Kenneth Christensen'" <kc@proff-art.dk> Date: Thu, 10 Jan 2002 18:39:56 -0600
Remember null sessions are used by many MS Admin tools. If you remove
them from a DC you might have problems. I always remove them from
member servers and workstations, and block all NetBIOS at the perimeter
Patrick S. Harper | MCSE ISS
mailto:patrick@internetsecurityguru.com
http://www.internetsecurityguru.com
How do I set a laser printer to stun?
-----Original Message-----
From: Kenneth Christensen [mailto:kc@proff-art.dk]
Sent: Thursday, January 10, 2002 4:13 PM
To: Patrick S. Harper
Cc: focus-ms@securityfocus.com
Subject: RE: Huge security breach in standard w2k install
Hi!
hm... guess i'll have to take some time off ... I already knew that MS
products wasnt the safest around ... but this discory really scared me
thanx!
-----Original Message-----
From: Patrick S. Harper [mailto:lists@internetsecurityguru.com]
Sent: Thursday, January 10, 2002 10:21 PM
To: 'Kenneth Christensen'; focus-ms@securityfocus.com
Subject: RE: Huge security breach in standard w2k install
With the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA Name:
RestrictAnonymous Type: REG_DWORD Value: 1.
There are a bunch of thing you need to do to a default install. I would
suggest reading form the following docs:
http://www.labmice.net/articles/securingwin2000.htm
http://nsa1.www.conxion.com/index.html
http://www.microsoft.com/technet/security/tools/w2kprocl.asp?frame=true
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/tools/c2config.asp
Also depending on what you use to scan (retina and stat for example) the
program might answer these questions for you.
Remember that for now MS products are shipped in the most open
configuration and it is up to the users and admins to secure the boxes.
Patrick S. Harper | MCSE ISS mailto:patrick@internetsecurityguru.com
http://www.internetsecurityguru.com
How do I set a laser printer to stun?
-----Original Message-----
From: Kenneth Christensen [mailto:kc@proff-art.dk]
Sent: Thursday, January 10, 2002 1:28 PM
To: focus-ms@securityfocus.com
Subject: Huge security breach in standard w2k install
Hi!
having installed the network scanner recommend in the mails on this
thread, I discovered something horrific .. my own workstations at the
office apperently expose both shares AND users/groups on the machines (
W2K Pro )
how on earth can i disable this HUGE security hole ?
Yours Truely
Kenneth Christensen
- Previous message: Leon de France: "RE: Huge security breach in standard w2k install"
- Maybe in reply to: Kenneth Christensen: "Huge security breach in standard w2k install"
- Next in thread: Arnott James M Contr AEDC/TEK: "RE: Huge security breach in standard w2k install"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
