Re: NASA Security Audit

From: KoRe MeLtDoWn (koremeltdown_at_hotmail.com)
Date: 10/09/03

    To: gbrown@alvalearning.com, SECURITY-BASICS@SECURITYFOCUS.COM
    Date: Thu, 09 Oct 2003 06:17:26 +0000
    
    

    Hi there,
    Have you considered putting another machine between the firewall and the
    server? I would suggest using Red Hat Linux on this box, and customise some
    firewall rules. Look specifically at blocking out the dangerous port access on
    the network, e.g. RPC, NetBIOS etc. Blocking this at the Linux platform so he
    can't get through is a powerful way of shielding the flaws in Microsoft
    architecture.
    This is one method you might not have considered that you might like to look
    into - it can effectively make it near impossible to intrude on your server
    if implemented correctly.

    Kindest of regards,

    Hamish Stanaway

    Absolute Web Hosting
    Owner/Operator
    Auckland
    New Zealand

    http://www.webhosting.net.nz
    http://www.buywebhosting.co.nz

    >From: "Gregory M. Brown" <gbrown@alvalearning.com>
    >To: <SECURITY-BASICS@SECURITYFOCUS.COM>
    >Subject: NASA Security Audit
    >Date: Wed, 8 Oct 2003 10:48:59 -0600
    >
    >Well it looks as though I am finally going to be tested by the Feds.
    >According to my CTO, a guy named Jay Diceman will be the point man.
    >Anyone ever hear of him? I hear he is a well known security expert
    >(ex-hacker?) for the federal government. I have downloaded the Evaluated
    >Security Configuration document created for Microsoft by Science
    >Applications International Corporation. There are actually 2 of these.
    >I think those .pdfs cover the Microsoft component. I don't even want
    >him to get as far as any MS box. I am fairly new to security (2 years)
    >and my final exam is going to be a "Black Box" test and a "Crystal" test
    >from some heinously gifted hacker from NASA...
    >
    >1. What exactly will these 2 forms of intrusion concentrate on?
    >
    >2. Is my hardware up to the task? I currently have a Fortigate
    >Fortinet 50 configured for intrusion detection and prevention. I am
    >currently blocking 1300+ known attacks. My FW is a CheckPoint Celestix
    >with a physical DMZ path. The only questionable services allowed
    >through are FTP (requirement) and Terminal Services (requirement).
    >
    >3. What can I expect? Any input is GREATLY appreciated.
    >
    >Thanks. Man I hope I still have a job in 2 weeks!
    >gb


    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------
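
The filtering box suggested in the reply could be configured along these lines. This is an added example, not part of the original messages. The server address, the inclusion of ports 111 and 445, and the console-only management of the box are assumptions; the FTP and Terminal Services allowances come from the quoted question.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a Linux box that
# forwards traffic between the perimeter firewall and the Windows server.
# Port lists are this example's choice, not from the original post.
BLOCKED_TCP="111 135 139 445"  # portmapper, MS RPC mapper, NetBIOS session, SMB
BLOCKED_UDP="111 135 137 138"  # portmapper, MS RPC, NetBIOS name/datagram
ALLOWED_TCP="21 3389"          # FTP control, Terminal Services (required services)

# build_ruleset SERVER_IP : print the ruleset on stdout, return 1 if no address.
build_ruleset() {
    server="${1:-}"
    if [ -z "$server" ]; then
        echo "usage: build_ruleset SERVER_IP" >&2
        return 1
    fi
    echo "*filter"
    echo ":INPUT DROP [0:0]"       # the box itself is managed from the console
    echo ":FORWARD DROP [0:0]"     # default deny for anything not listed below
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Explicit drops come first. The default policy already denies these,
    # but stating them guards against a broad ACCEPT added later.
    for p in $BLOCKED_TCP; do
        echo "-A FORWARD -p tcp --dport $p -j DROP"
    done
    for p in $BLOCKED_UDP; do
        echo "-A FORWARD -p udp --dport $p -j DROP"
    done
    # Return traffic, plus FTP data connections when the conntrack FTP
    # helper module is loaded (they are classified as RELATED).
    echo "-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Only the required services may open new connections to the server.
    for p in $ALLOWED_TCP; do
        echo "-A FORWARD -p tcp -d $server --dport $p -m state --state NEW -j ACCEPT"
    done
    # Log whatever is about to hit the default DROP, rate limited.
    echo "-A FORWARD -m limit --limit 5/min -j LOG --log-prefix \"fwd-drop: \""
    echo "COMMIT"
}
```

Review the output of `build_ruleset 192.0.2.10` (a documentation address) before piping it to `iptables-restore` as root on the filtering box.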

