Re: Windows Server 2003
_at_Lx
Date: 09/11/03
- Previous message: Paul Fishbein: "Question on Corrupted BlackIce Defender Installation"
- In reply to: Meidinger Chris: "AW: Windows Server 2003"
- Next in thread: Rick Hale: "Re: Windows Server 2003"
- Reply: Rick Hale: "Re: Windows Server 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Meidinger Chris" <chris.meidinger@badenit.de>, "'Sean Earp'" <smearp@mac.com>, "Chris Halverson" <chris.halverson@encana.com>
Date: Thu, 11 Sep 2003 23:28:41 +0200
If anyone knows of a system that is secure out of the box, let us know right
away. Otherwise we will continue assuming that it is an impossibility.
>>agreed
----- Original Message -----
From: "Meidinger Chris" <chris.meidinger@badenit.de>
To: "'Sean Earp'" <smearp@mac.com>; "Chris Halverson"
<chris.halverson@encana.com>
Cc: <Security-Basics@Securityfocus.com>
Sent: Thursday, September 11, 2003 7:04 PM
Subject: AW: Windows Server 2003
If anyone knows of a system that is secure out of the box, let us know right
away. Otherwise we will continue assuming that it is an impossibility. So,
as long as that notion of 'automatic no-work security' is gone, I am quite
happy with the machine I'm working with right now and testing in a metaframe
xp environment.
Everything is off, and you have to select to install pretty much any
service. As far as the nmap output you provided Chris Wanstrath, considering
everything you have on the machine, you don't need to be surprised. I nmapped
my machine right away before I did anything to it, and I'm pretty sure there's
nothing more than windows file sharing open, which is to be expected on the
*non* web-server version.
By the way, I really like the shutdown feature that you have to explain why
the machine is going down. If you are working in a shop where the machine
doesn't belong to you alone, then it's nice to know why the guy who went on
vacation last week was booting the box 20 times a day. (assuming he doesn't
write that it was because of qwertz)
In general, I have to say that I like the 2003 server a whole lot, it's hard
to describe, but a lot of the things that always annoyed me on the 2000
server seem to be just gone. It's a really nice system* considering that
it's windoze.
*not that I'm going to abandon my linux machines anytime soon for it.
Chris Meidinger
badenIT GmbH
System Support
Tel. +49 761 279 2280
Fax. +49 761 279 2200
Tullastrasse 70
79108 Freiburg
Deutschland
-----Original Message-----
From: Sean Earp [mailto:smearp@mac.com]
Sent: Wednesday, 10 September 2003 22:20
To: Chris Halverson
Cc: Security-Basics@Securityfocus.com
Subject: Re: Windows Server 2003
Chris-
Well, "secure by default" means that it ships with NOTHING activated.
IIS, etc is turned off, and Internet Explorer is virtually unusable out
of the box (NO site is trusted, and you have to explicitly trust a site
to download, or do just about anything).
Is it more secure out of the box than Windows 2000? Sure. Is it
immune to common attack vectors such as Buffer overflows? HECK NO!
Windows Server 2003 was fully vulnerable to the exploit that the
Blaster worm used, and according to news.com
<http://news.com.com/2100-1009_3-5074008.html?tag=fd_top>, two MORE
variations of the same security hole were just found, meaning that W2K3
Boxes with the last RPC patch installed are STILL FULLY VULNERABLE TO
COMPLETE TAKEOVER by a remote host.
Better than previous attempts? Yes... Secure? No.
Just my 2 cents...
-Sean
On Wednesday, September 10, 2003, at 05:37 AM, Chris Halverson wrote:
> What does everyone think of the hype around Windows Server 2003 being
> secure by default? Has anyone implemented one in your environment?