Re: 2003 Web Server Security flaw

From: Jupiter Jones [MVP] (jones_jupiter_at_hotnomail.com)
Date: 12/28/03

• Next message: Nobody: "Re: 2003 Web Server Security flaw"
• Previous message: Paul Rossi: "Re: WPA security in server 2003"
• In reply to: Robert Waite: "Re: 2003 Web Server Security flaw"
• Next in thread: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• Reply: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 28 Dec 2003 13:42:42 -0700

Robert;
If a hacker is already inside, it would seem it is necessary to worry
about repairing the wall that is broken down instead of worrying about
a small window that may be broken at a later time.

If the hacker is inside past the firewall, it is no longer your system
as it now belongs to the hacker.

-- 
Jupiter Jones  [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://dts-l.org/index.html
"Robert Waite" <bob2dev@tampabay.rr.com> wrote in message
news:uUNxA5VzDHA.4060@TK2MSFTNGP11.phx.gbl...
> If  a hacker can get past the firewall and into the Web Server,
>  he MAY not require someone to be using the program exe.
> [Norberg wrote a superb book on W2k security I read some years ago.]
>
> Those EXEs use DLLs which the hacker might use.
>
> The fact I can not simply delete the folders for those programs,
because I
> get
> a "access denied... (unspecified) file in use" type message [I'm the
> Administrator by the way]
> shows some are those DLLs are loaded in memory, BY DEFAULT, and
therefore a
> risk.
>
> Thanks anyway.

• Next message: Nobody: "Re: 2003 Web Server Security flaw"
• Previous message: Paul Rossi: "Re: WPA security in server 2003"
• In reply to: Robert Waite: "Re: 2003 Web Server Security flaw"
• Next in thread: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• Reply: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Stolen Registration. ... Otherwise you will NEVER be assured all holes emplaced by the hacker ... An easier way to read newsgroup messages: ... > how you can check your system info out through control ... > registeration steel and to see what else they may have ... (microsoft.public.windowsxp.security_admin) Re: How deo I get this hacker OUT ... However if a hacker is there, there is no telling to what extent he ... Jupiter Jones [MVP] ... An easier way to read newsgroup messages: ... fine but I could trash you're firewall" and "D--- You should report me ... (microsoft.public.windowsxp.security_admin) Re: HACKERS ... If a hacker has access to a computer, assume the hacker has access to ... Jupiter Jones [MVP] ... An easier way to read newsgroup messages: ... "Desperately needing help" wrote ... (microsoft.public.security) Re: 2003 Web Server Security flaw ... > If a hacker can get past the firewall and into the Web Server, ... > he MAY not require someone to be using the program exe. ... (microsoft.public.windows.server.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint