Re: Security Treats

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 09/25/04

  • Next message: Seb: "Re: Cert Server Denying Certs requests - Event ID 21: The certificate is revoked"
    Date: Sat, 25 Sep 2004 18:13:29 GMT
    
    

    That is a huge topic. But here are some for my two cents and are not related to
    Windows 2000 necessarily.

    -- No or improperly configured firewalls.

    -- No or inadequate backup and disaster recovery strategy.

    -- No or poor password and account lockout policy.

    -- Not keeping current with critical updates.

    -- No or poor implementation of a strategy to manage risks for viruses, worms,
    trojans.

    -- Misconfigured operating systems - particularly domain controllers and dns.

    -- No or not enforced computer user policy.

    -- Unauthorized computers allowed on the network.

    -- Letting users be local administrators when they do not need to be.

    -- Not using Group Policy to manage/enforce Internet Explorer security settings.

    -- Not enabling effective auditing and actually monitoring the logs.

    -- Too many domain admins and not taking advantage of delegation for AD domain.

    -- Operating system not hardened with too many services enabled such as IIS that is
    installed and enabled by default.

    -- Excessive default permissions to shares and root folder of a default install.
    Everyone has full control.

    -- Not physically securing sensitive computers, particularly domain controller.

    -- Lazy, inept, malicious employees/students/admins.

    "Sherman H." <shung@charter.net> wrote in message
    news:10lb67g21jv2g11@corp.supernews.com...
    > Would like to survey what are the most security threats in the 2000
    > environments? What would be the things that are usually neglected by
    > regular admins.
    >
    > Thanks.
    >
    >


  • Next message: Seb: "Re: Cert Server Denying Certs requests - Event ID 21: The certificate is revoked"

    Relevant Pages

    • Re: Blocking port scans on local network
      ... You can implement enumeration of SAM accounts and shares with probably no ... on domain controllers via Domain Controller Security Policy depending of ... domain computer that has a "require" ipsec policy assigned to it. ... between domain computers and domain controllers as the domain controllers ...
      (microsoft.public.win2000.security)
    • Re: Continual errors - Event ID 1030 and 1058 on DC
      ... This article will help you check the security rights on the sysvol ... Domain controllers have the read and apply rights to the Domain ... Controllers Policy. ...
      (microsoft.public.windows.group_policy)
    • Re: Basic Security Help
      ... > a network is weak or no passwords followed by malicious user on your ... Be sure to educate users of any pending changes to password policy ... > Windows Updates or using a SUS server to authorize and distribute security ... > network including how to isolate and repair infected computers. ...
      (microsoft.public.security)
    • Re: domain users force only local server access
      ... You can restrict computers using ipsec policies. ... complex topic and domain controllers need to be exempt from any policy to ...
      (microsoft.public.win2000.security)
    • Re: Preventing users from c onnecting to shares NOT on the domain..
      ... First condition would be to set "Require Security" policy to "Restricted ... These computers could be excluded by IP address, ... > The servers might be located on the same subnet of some of the clients. ...
      (microsoft.public.win2000.networking)