Re: Proxy server hit... Any ideas?

From: Emeric Miszti (emeric@uksecurityonline.com)
Date: 11/22/02

  • Next message: Valdis.Kletnieks@vt.edu: "Re: Proxy server hit... Any ideas?" 
    From: Emeric Miszti <emeric@uksecurityonline.com>
To: Valdis.Kletnieks@vt.edu
Date: 22 Nov 2002 00:52:42 +0000

    >> Valdis Kletnieks said:

    >> Of course, this begs the question of how to get the patches onto the
    >> system. Recently, one of my co-workers needed about 3 hours to
    >> download SP3 .... So we're fast approaching the point (if we haven't
    >> long since passed it)
    >> where the average time to download the patches is less than the
    >> average time to get 0wned.

    1) Ensure that you have an effective perimeter firewall that blocks all
    incoming traffic to the new box

    2) Connect ONLY to the sites needed to download patches - starting with
    Windows update, or your specific operating system equivalents

    If you are really paranoid (like I am ;)

    1) Harden the box PRIOR to connecting

    2) Run a personal firewall on the box that is collecting patches, making
    sure that you allow no incoming traffic

    NEVER EVER put an un-patched, un-firewalled box directly onto the
    Internet (with all those nice juicy ports wide open) since yes, it can
    get 0wn3d before you have patched it (though if it's not effectively
    firewalled then you still have a problem anyway). Only once patched
    should you consider opening ports for incoming traffic.

    It's not that hard really.....;)

    Regards 

    -- 
Emeric Miszti
UK Security Online
http://www.uksecurityonline.com
Tel No: 0870 088 5689
Fax No: 0870 706 2162
PGP Public Key available at 
http://www.uksecurityonline.com/emeric.asc
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

    Relevant Pages

    • Re: WindowsXP slower after reinstall.
      ... > Did you get on the Internet unprotected by a firewall or antivirus? ... > Also - did you test your hardware before reinstalling - it could be a bad ... > will have to do whatever you did before to get them installed or download ... > You can see the critical patches released for a given ...
      (microsoft.public.windowsxp.basics)
    • Re: WindowsXP slower after reinstall.
      ... > Did you get on the Internet unprotected by a firewall or antivirus? ... > Also - did you test your hardware before reinstalling - it could be a bad ... > will have to do whatever you did before to get them installed or download ... > You can see the critical patches released for a given ...
      (microsoft.public.windowsxp.basics)
    • Re: AdAware, SpyBot S &D, etc. + leave PC connected to Internet
      ... >It will be a while I get the router and do that. ... >> labelling on the box to be sure it has firewall features. ... name, like Disconnect from Internet, and click Finish. ... generally talking only about "critical patches" that affect security. ...
      (comp.security.firewalls)
    • Re: The current architecture is broken
      ... * Use a good firewall to block access to your computer from the Internet ... > download and keep up with all they send, but Microsoft has ... >> Internet to download all those security patches. ...
      (microsoft.public.security.virus)
    • Re: ** READ THIS BEFORE POSTING - answers to frequently asked question
      ... >> Microsoft generally releases security patches on the second Tuesday of more ... >> 4) You're not running a firewall, or your firewall isn't protecting you. ... >> I just heard about a new Microsoft security patch update. ... >> I forgot my Windows logon password and can't log in. ...
      (microsoft.public.security)