Blocking port scans on local network

From: TB0NE (TB0NE_at_discussions.microsoft.com)
Date: 11/30/04


Date: Tue, 30 Nov 2004 07:33:01 -0800

We have some wonderful auditors in our building who will be testing our
network security (Sarbanes-Oxley is the bane of my existence).

I noticed that one of the auditors had a copy of SolarWinds Engineering
Edition Toolset. I suspect that they will be scanning my network etc... I ran
one of the SolarWinds browsing utilities on my domain controller and was
surprised at the information it returned. Specifically, it returned all of the
user accounts in my domain! It did not return any specific information on
those accounts, but a simple account list was still a great surprise to me.
All of this while using an account not in my domain and on a machine that is
not a member of my domain.

The auditors do not log into my domain and their machines are not members of
my domain. HOWEVER, their machines are issued an IP address from my DHCP
server and they can access the Internet.

QUESTION:

Is there a way to block access to my servers (Port Scans etc.) from
machines that are not members of the domain without adversely affecting my
users? Using domain or group policy in the solution would be desirable.

If not, what measures can I take that will limit them to Internet access only?

Any and all suggestions would be greatly appreciated.

Thank you,

-- 
TB0NE

