Re: inheriting a network

From: JFuller (JFuller_at_replyinthe.group.com)
Date: 07/18/03 

Date: Thu, 17 Jul 2003 15:57:54 -0700

It sounds like you are on the right track and have a good
handle on what you are doing.
Clearing the Firewalls is a good idea though.
No left over legacy hardware in the server room is
there?
The same company I mentioned before had a Modem setup on
an obscure server to accept RAS connections. I didn't
find it until a month after I took over. I went back and
checked the logs and it wasn't being used but I should
have known it was there.
Also you may want to audit the network for unauthorized
hardware. That is why I suggested LAN MapShot it gives
you a quick way to see all IP addresses on the LAN and
what they are. Right after I started here it lead me to
search out a router that was not accounted for. Turns
out it was sitting in a closet close to the phone room.
I assume that it was used for a PTP connection at some
point in the past but it was taking up an IP address and
reeking havoc on RIP for the network.

>-----Original Message-----
>Thanks for the response Fuller.
>
>Yes, I am familiar with both AD & W2k and I know
LAN/WAN. This is my first
>"solo" flight; I want reassurance that I'm doing the
right things and doing
>those things right. So far, I changed all admin
passwords, and checked for
>remote dial-in access. Changed the passwords to the
firewall and removed
>the VPN to their offices. I'm considering blanking the
router and completely
>reconfiguring it for good measure. Any other golden
nuggets of admin
>wisdom that you may pass on?
>
>Thanks a bunch.
>
>HAWK
>
>
>"jfuller" <jfuller@replyinthe.group.com> wrote in message
>news:0b6e01c34cad$bec79570$a001280a@phx.gbl...
>>
>> Are you familiar with AD and W2k? Or just starting out?
>> Do you know LAN/WAN?
>>
>> When I took over at a company a couple of years ago
they
>> had a backup system they used daily to back up 1 of 3
>> servers, a Virus scanner that was 2yrs out of date, the
>> NT servers had never had updates or SPs installed on
>> them, and most passwords were blank. That list went on
>> and on.
>> What I am saying is make sure to cover the basics
first.
>> If there is no backup system GET ONE! Make sure that
>> you have a good virus scanner on the server ASAP then
>> worry about the VS on the workstations. Get rid of
back
>> doors and weaknesses intentionally left by
>> predecessors. And install updates, SP, and security
>> fixes the day they are released.
>>
>> I would start by running the Microsoft Baseline
Security
>> Analyzer on all servers and workstations in the network
>> to document the basic security and software issues you
>> might be facing. I would also suggest auditing the
user
>> accts in the AD and disabling all of the accts that are
>> not legitimate (look for back doors left by the prior
>> admins.) Look for accounts that are able to log on the
>> servers for remote admin using TS.
>> I would also be checking the Firewalls for either
>> overlooked or intentional vulnerabilities.
>> Than use a mapping program such as LAN MapShot
Automatic
>> Diagramming Software From Fluke to map and inventory
the
>> entire system quickly. (14 day free trial on their
site)
>> I would also reference these articals:
>> The Basics of Security (Microsoft technet)
>> Best Practices for Enterprise Security (Microsoft
Technet)
>>
>> >-----Original Message-----
>> >I'm about to inherit a network where the company
>> administering it was asked
>> >to leave; no network documentation, no knowledge
>> transfer, nothing left
>> >behind. Can you give me or direct me to a "best
>> practices" checklist of
>> >things to do/check in inheriting the network? I've got
>> some ideas, but I
>> >wanted to tap the knowledge of an "expert". :^) It's
>> aW2k SBS environment, <
>> >than 100 users.
>> >
>> >Appreciate it.
>> >
>> >-HAWK
>> >
>> >
>> >.
>> >
>
>
>.
>

Relevant Pages

  • Re: inheriting a network
    ... I am familiar with both AD & W2k and I know LAN/WAN. ... Any other golden nuggets of admin ... > servers, a Virus scanner that was 2yrs out of date, the ... > I would start by running the Microsoft Baseline Security ...
    (microsoft.public.win2000.security)
  • Re: New to SMS - have a Collections question.
    ... I loaded the SMS Admin Console on the ... comprimise the security of the servers. ... SMS security is a bit different from normal Windows security. ... Access to objects is based on Security Rights (if you scroll down the list ...
    (microsoft.public.sms.admin)
  • Re: inheriting a network
    ... Changed the passwords to the firewall and removed ... Any other golden nuggets of admin ... >> servers, a Virus scanner that was 2yrs out of date, the ... >> I would start by running the Microsoft Baseline Security ...
    (microsoft.public.win2000.security)
  • Re: Best Firewall?? - follow-up
    ... You either configure the application to not establish outbound ... Define the "legitimate servers" for, say, a web browser. ... your points about the inability of firewalls ... and other security measures to provide complete security (or anything ...
    (comp.security.firewalls)
  • Re: Software Firewall (2003)
    ... multiple layers of security, so that when one is breached, you have ... configuring the server firewalls may be worth the effort. ... > software firewall on their servers? ... > internal attack froma laptop running XP non SP2. ...
    (microsoft.public.win2000.general)
Quantcast