Re: Windows 2003 Server - MS Rulez?

From: Steve (securityfocus_at_delahunty.com)
Date: 05/24/03

  • Next message: Street: "Re[2]: Windows 2003 Server - MS Rulez?"
    To: "Willis Johnson" <willisj@microsoft.com>, "Kelly Fuller" <kelly@ccgsecurity.com>, "Street" <streetseeker@mail.ru>, <focus-ms@securityfocus.com>
    Date: Sat, 24 May 2003 15:46:27 -0400
    
    

    This is related to the discussion. Microsoft is conducting a higher
    technical level webcast about Windows Server 2003 security for the
    Network Professional Association, webcast open to anyone,
    notice/registration posted on the NPA website www.npa.org/webcast2003.

    STEVE
    ----- Original Message -----
    From: "Willis Johnson" <willisj@microsoft.com>
    To: "Steve" <securityfocus@delahunty.com>; "Kelly Fuller"
    <kelly@ccgsecurity.com>; "Street" <streetseeker@mail.ru>;
    <focus-ms@securityfocus.com>
    Sent: Friday, May 23, 2003 6:09 PM
    Subject: RE: Windows 2003 Server - MS Rulez?

    There's a great new white paper on Windows XP/2003 services on
    TechNet:
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodt
    echnol/windowsserver2003/plan/svrxpser.asp

    I personally found it quite helpful. In addition to tightening up
    security on my systems, it gave me what I needed to goose performance
    on
    my laptop by turning off many services.

    Willis Johnson
    Microsoft

    ...not the official position of Microsoft, all disclaimers apply, etc.
    :-)

    -----Original Message-----
    From: Steve [mailto:securityfocus@delahunty.com]
    Sent: Friday, May 23, 2003 2:08 PM
    To: Kelly Fuller; Street; focus-ms@securityfocus.com
    Subject: Re: Windows 2003 Server - MS Rulez?

    I also liked the feature that Windows Server 2003 does not run
    unnessary
    services. I found the launch event to be very educational and the
    security issues to be well addressed.

    STEVE

    ----- Original Message -----
    From: "Kelly Fuller" <kelly@ccgsecurity.com>
    To: "Street" <streetseeker@mail.ru>; <focus-ms@securityfocus.com>
    Sent: Friday, May 23, 2003 4:02 PM
    Subject: RE: Windows 2003 Server - MS Rulez?

    The hash (most commonly MD5 or SHA) is known as a one-way algorithm
    and
    is very difficult to reverse. I would think this method is rather
    secure
    in that respect.

    Kelly B. Fuller
    Network Security Engineer
    Continental Consulting Group

    -----Original Message-----
    From: Street [mailto:streetseeker@mail.ru]
    Sent: Friday, May 23, 2003 6:02 PM
    To: focus-ms@securityfocus.com
    Subject: Windows 2003 Server - MS Rulez?

    Hello list. Today I have attended to official presentation of
    Microsoft
    Windows 2003 Server. And the representatives of Microsoft gave to my
    organisation an evaluation version of 2003 Server. That thing looks
    very
    secure, i.e. known methods of attack did not gave a damn thing. Also I
    learned an interesting feature - prohibition of launch of any program
    is
    not made by its exe name - it makes a hash from the body of program
    and
    politics are applied using this hash. I wonder whether this method is
    secure and if there are any ways to defeat it.

    Any thoughts? Thank you in advance.

    -- 
    Best regards,
     Street                          mailto:streetseeker@mail.ru
    ----------------------------------------------------------------------
    --
    -----
    *** Wireless LAN Policies for Security & Management - NEW White Paper
    *** Just like wired networks, wireless LANs require network security
    policies that are enforced to protect WLANs from known vulnerabilities
    and threats. Learn to design, implement and enforce WLAN security
    policies to lockdown enterprise WLANs.
    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-focus-ms
    ----------------------------------------------------------------------
    --
    ------
    ----------------------------------------------------------------------
    --
    ----
    -
    *** Wireless LAN Policies for Security & Management - NEW White Paper
    *** Just like wired networks, wireless LANs require network security
    policies that are enforced to protect WLANs from known vulnerabilities
    and threats. Learn to design, implement and enforce WLAN security
    policies to lockdown enterprise WLANs.
    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-focus-ms
    ----------------------------------------------------------------------
    --
    ----
    --
    ----------------------------------------------------------------------
    --
    -----
    *** Wireless LAN Policies for Security & Management - NEW White Paper
    *** Just like wired networks, wireless LANs require network security
    policies that are enforced to protect WLANs from known vulnerabilities
    and threats.
    Learn to design, implement and enforce WLAN security policies to
    lockdown enterprise WLANs.
    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-focus-ms
    ----------------------------------------------------------------------
    --
    ------
    -----------------------------------------------------------------------------
    *** Wireless LAN Policies for Security & Management - NEW White Paper ***
    Just like wired networks, wireless LANs require network security policies
    that are enforced to protect WLANs from known vulnerabilities and threats. 
    Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
    To get your FREE white paper visit us at: 
    http://www.securityfocus.com/AirDefense-focus-ms
    ------------------------------------------------------------------------------
    

  • Next message: Street: "Re[2]: Windows 2003 Server - MS Rulez?"

    Relevant Pages

    • Re: << SBS News of the week - Sept 26 >>
      ... > And he points to the info you need to put the file on the server in the ... > at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... An attacker can exploit these flaws in tandem via specially ...
      (microsoft.public.backoffice.smallbiz2000)
    • << SBS News of the week - Sept 26 >>
      ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
      (microsoft.public.windows.server.sbs)
    • Re: << SBS News of the week - Sept 26 >>
      ... > And he points to the info you need to put the file on the server in the ... > at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... An attacker can exploit these flaws in tandem via specially ...
      (microsoft.public.windows.server.sbs)
    • << SBS News of the week - Sept 26 >>
      ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
      (microsoft.public.backoffice.smallbiz)
    • << SBS News of the week - Sept 26 >>
      ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
      (microsoft.public.backoffice.smallbiz2000)