Blocking port scans on local network

From: TB0NE (TB0NE_at_discussions.microsoft.com)
Date: 11/30/04

• Next message: BitWise: "RE: Blocking port scans on local network"
• Previous message: Sam: "Adware removal tools"
• Next in thread: BitWise: "RE: Blocking port scans on local network"
• Reply: BitWise: "RE: Blocking port scans on local network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 30 Nov 2004 07:33:01 -0800

We have some wonderful auditors in our building who will be testing our
network security (Sarbanes-Oxlely is the bane of my existence).

I noticed that one of the auditors had a copy of SolarWinds Engineering
Edition Toolset. I suspect that they will be scanning my network etc... I ran
one of the SolarWinds browsing utilities on my domain controller and was
suprised at the information it returned. Specifically, it returned all of the
users accounts in my domain! It did not return any specific information on
those accounts but, a simple account list was still a great suprise to me.
All of this while using an account not in my domain and on a machine that is
not a member of my domain.

The auditors do not log into my domain and their machines are not members of
my domain. HOWEVER, their machines are issued an IP address from my DHCP
server and they can access the Internet.

QUESTION:

Is there a way to block access to my servers (Port Scans etc..) from
machines that are not member of the domain without adversly affecting my
users? Using domain or group policy in the solution would be desirable.

If not, what measures can I take that will limit them to Internet access only?

Any and all suggestions would be greatly appreciated.

Thank you,

-- 
TB0NE

• Next message: BitWise: "RE: Blocking port scans on local network"
• Previous message: Sam: "Adware removal tools"
• Next in thread: BitWise: "RE: Blocking port scans on local network"
• Reply: BitWise: "RE: Blocking port scans on local network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: password expiration policy for admin and system accounts ? ... > Our auditors are objecting to our having Domain Administrator and domain ... > system accounts with passwords that never expire. ... DANGEROUS accounts be allowed practices less safe and more ... Perhaps you issue is that you are using the same Admin ... (microsoft.public.security) Re: password expiration policy for admin and system accounts ? ... > Our auditors are objecting to our having Domain Administrator and domain ... > system accounts with passwords that never expire. ... DANGEROUS accounts be allowed practices less safe and more ... Perhaps you issue is that you are using the same Admin ... (microsoft.public.win2000.security) Re: Audit certificate for a small club with unqualified auditors ... Either your association needs an audit, in which case you need to ... no knowledge of accounts. ... and they know all about the organisation (which qualified auditors ... they've certified without qualification are bollocks. ... (uk.business.accountancy) Re: The EU....things theyd rather you didnt know! ... In a now-familiar November routine, the European Court of Auditors has ... refused to sign off the EU's accounts - for the 11th year running. ... (uk.politics.misc)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint