Re: Security Treats

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 09/25/04

Next message: Seb: "Re: Cert Server Denying Certs requests - Event ID 21: The certificate is revoked"

Previous message: Steven L Umbach: "Re: Baseline Security Analyzer"
In reply to: Sherman H.: "Security Treats"
Next in thread: Oli Restorick [MVP]: "Re: Security Treats"
Reply: Oli Restorick [MVP]: "Re: Security Treats"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 25 Sep 2004 18:13:29 GMT

That is a huge topic. But here are some for my two cents and are not related to
Windows 2000 necessarily.

-- No or improperly configured firewalls.

-- No or inadequate backup and disaster recovery strategy.

-- No or poor password and account lockout policy.

-- Not keeping current with critical updates.

-- No or poor implementation of a strategy to manage risks for viruses, worms,
trojans.

-- Misconfigured operating systems - particularly domain controllers and dns.

-- No or not enforced computer user policy.

-- Unauthorized computers allowed on the network.

-- Letting users be local administrators when they do not need to be.

-- Not using Group Policy to manage/enforce Internet Explorer security settings.

-- Not enabling effective auditing and actually monitoring the logs.

-- Too many domain admins and not taking advantage of delegation for AD domain.

-- Operating system not hardened with too many services enabled such as IIS that is
installed and enabled by default.

-- Excessive default permissions to shares and root folder of a default install.
Everyone has full control.

-- Not physically securing sensitive computers, particularly domain controller.

-- Lazy, inept, malicious employees/students/admins.

"Sherman H." <shung@charter.net> wrote in message
news:10lb67g21jv2g11@corp.supernews.com...
> Would like to survey what are the most security threats in the 2000
> environments? What would be the things that are usually neglected by
> regular admins.
>
> Thanks.
>
>

Next message: Seb: "Re: Cert Server Denying Certs requests - Event ID 21: The certificate is revoked"

Previous message: Steven L Umbach: "Re: Baseline Security Analyzer"
In reply to: Sherman H.: "Security Treats"
Next in thread: Oli Restorick [MVP]: "Re: Security Treats"
Reply: Oli Restorick [MVP]: "Re: Security Treats"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Blocking port scans on local network
... You can implement enumeration of SAM accounts and shares with probably no ... on domain controllers via Domain Controller Security Policy depending of ... domain computer that has a "require" ipsec policy assigned to it. ... between domain computers and domain controllers as the domain controllers ...
(microsoft.public.win2000.security)
Re: Continual errors - Event ID 1030 and 1058 on DC
... This article will help you check the security rights on the sysvol ... Domain controllers have the read and apply rights to the Domain ... Controllers Policy. ...
(microsoft.public.windows.group_policy)
Re: Basic Security Help
... > a network is weak or no passwords followed by malicious user on your ... Be sure to educate users of any pending changes to password policy ... > Windows Updates or using a SUS server to authorize and distribute security ... > network including how to isolate and repair infected computers. ...
(microsoft.public.security)
Re: domain users force only local server access
... You can restrict computers using ipsec policies. ... complex topic and domain controllers need to be exempt from any policy to ...
(microsoft.public.win2000.security)
Re: 10 winxp computer locked by Software Restrictions
... security policy but sounds like a problem with Software Restriction ... I don't know offhand why it is affecting only some computers unless there ... replication between domain controllers. ... know how well netdiag will work in safe mode but make sure the problem ...
(microsoft.public.windows.group_policy)