Re: Security Audit
From: Phil (pmarg_at_charter.net)
Date: 05/23/03
Date: Fri, 23 May 2003 08:15:22 GMT
I have found out that their answer to this security vulnerability was to
delete all *.pwl files on the Windows 9x machines.
"Steven L Umbach" <n9rou@attbi.com> wrote in
news:sgzxa.622836$OV.580812@rwcrnsc54:
> You are correct. There are no administrator accounts on W95
> machines. Possibly they are detecting that there is no password set to
> log onto the W95 operating system, just network log on. I would say -
> hey, you guys are right and we need to upgrade all those old systems
> to XP Pro ASAP to be in compliance. About the only thing you can do
> to improve securing W9X computers is to make sure they have Active
> Directory Client installed on them so that they can use NTLMv2
> authentication and SMB signing if desired - otherwise they are using
> LM which any script kiddie could crack sniffing password hashes off
> the network. But I am sure you are already using ADC or else the
> corporate security guys would have caught that. --- Steve
>
> http://www.petri.co.il/ad_client_for_win98_nt.htm - Active Directory
> Client link.
>
> "Phil" <pmarg@charter.net> wrote in message
> news:Xns937E9C086FD7pmargcharternet@65.82.44.187...
>> We are running a Windows 2000 AD domain with 2k, XP, and 9x clients.
>> We recently had a security audit of our network by our corporate
>> network security department. The software they used was "ISS Internet
>> Scanner v. 6.21."
>>
>> In the results I am seeing several of these issues relating to
>> Windows 9x machines:
>>
>> Issue: PASSWORD POLICIES
>> Level: High
>> Vulnerability: Administrator account has a blank password
>> Risk: Unauthorized access to system resources
>> Recommendation: Set passwords in accordance with Information Security
>> policies and Procedures
>>
>> Since these are all Win9x machines, I'm not sure what to do here.
>> There is no administrator account.
>>
>> Using LANGuard I get these results on the same machine:
>>
>> IP Address : <ip of machine>
>> HostName : <hostname of machine>
>> Resolved : <hostname of machine>
>> Operating System : Windows 95
>> Time to live (TTL) : 32 (32) - Same network segment
>> Address mask : 255.255.255.0
>> Shares (1)
>> IPC$ - Remote Inter Process Communication
>> Open Ports (2)
>> 135 [ epmap => DCE endpoint resolution ]
>> 139 [ Netbios-ssn => NETBIOS Session Service ]
>>
>> Are the vulnerabilities that the ISS software is picking up correct?
>> If so, can anyone tell me what should be done in order to secure
>> these 9x clients? TIA
>>
>> -Phil
>>
>
>
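
An added example, not part of the original thread: a small triage script that parses scan output laid out like the LANGuard excerpt quoted above and lists Windows 9x hosts with port 139 open, so they can be checked for the Active Directory Client or scheduled for upgrade as the reply suggests. The sample report, addresses, host names and function names are constructed for illustration, and the field layout is assumed from the excerpt only.

```python
import re

# Constructed sample in the layout of the LANGuard excerpt quoted in the thread;
# the addresses and host names are placeholders, not values from the post.
SAMPLE = """\
IP Address : 192.0.2.10
HostName : WS-EXAMPLE-01
Operating System : Windows 95
Shares (1)
IPC$ - Remote Inter Process Communication
Open Ports (2)
135 [ epmap => DCE endpoint resolution ]
139 [ Netbios-ssn => NETBIOS Session Service ]
IP Address : 192.0.2.11
HostName : WS-EXAMPLE-02
Operating System : Windows XP
Open Ports (1)
139 [ Netbios-ssn => NETBIOS Session Service ]
"""

LEGACY_OS = re.compile(r"Windows (95|98|Me)\b", re.I)  # Windows 9x family

def parse_hosts(text):
    """Split a report into per-host dicts holding fields, shares and open ports."""
    hosts, host, section = [], None, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("IP Address"):  # each host record starts here
            host = {"fields": {}, "shares": [], "ports": []}
            hosts.append(host)
            section = None
        if host is None or not line:
            continue
        header = re.fullmatch(r"(Shares|Open Ports) \((\d+)\)", line)
        port = re.match(r"(\d+) \[", line)
        if header:
            section = header.group(1)
        elif section == "Open Ports" and port:
            host["ports"].append(int(port.group(1)))
        elif section == "Shares" and " : " not in line:
            host["shares"].append(line.split(" - ")[0])
        elif " : " in line:
            key, value = line.split(" : ", 1)
            host["fields"][key.strip()] = value.strip()
    return hosts

def legacy_smb_hosts(hosts):
    """Return (hostname, OS) for 9x hosts with the NetBIOS session port open."""
    return [(h["fields"].get("HostName"), h["fields"]["Operating System"])
            for h in hosts
            if LEGACY_OS.search(h["fields"].get("Operating System", ""))
            and 139 in h["ports"]]
```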