Re: Moving command.com out of system32 directory
From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 11/13/02
- Next message: Karl Levinson [x y] mvp: "Re: WebServer part of Domain??"
- Previous message: Alun Jones: "Re: online security"
- In reply to: Royce Dunbar: "Moving command.com out of system32 directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Karl Levinson [x y] mvp" <levinson_k@excite.com> Date: Tue, 12 Nov 2002 19:46:46 -0500
"Royce Dunbar" <royce.dunbar@wellsfargo.com> wrote in message
news:007601c28a93$75d42c20$39ef2ecf@TKMSFTNGXA08...
> What is the rationale for moving the dos command shell out
> of the winnt\system32 directory? I had a collegue do this
> on a production server and have not been able to find any
> publications that recommend this.
I've seen this recommended, especially on web servers or other vulnerable or
internet-visible
computers. Hackers and worms can take advantage of certain exploits to run
system commands on your system if they know or can guess the location of the
command interpreter. [CMD.EXE is the DOS shell that comes with Windows
2000... if you're not dual-booting to windows 9x / ME, command.com may be
unnecessary.]
- Next message: Karl Levinson [x y] mvp: "Re: WebServer part of Domain??"
- Previous message: Alun Jones: "Re: online security"
- In reply to: Royce Dunbar: "Moving command.com out of system32 directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
