Re: 2003 Web Server Security flaw

From: Nobody (nobody)
Date: 12/29/03

• Next message: ERIC: "Net send to everyone attached to server?"
• Previous message: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• In reply to: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• Next in thread: Robert Moir: "Re: 2003 Web Server Security flaw"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 29 Dec 2003 08:38:41 -0500

See comments inline

"Karl Levinson [x y] mvp" <levinson_k@despammed.com> wrote in message
news:%23trEzjgzDHA.3196@TK2MSFTNGP11.phx.gbl...
>
> "Nobody" <nobody> wrote in message
> news:O0JbRSVzDHA.2928@TK2MSFTNGP09.phx.gbl...
>
> > First, your subject line is very misleading as none of those programs
are
> > security problems for the web platform provided no one uses them for any
> > purpose.
>
> That's a really big "IF" in most large organizations where you can't
expect
> 100% of your server admins to be security experts.

Ergo this equates to the human factor of computer security which I agree
cannot be 100% controlled, howevere this is not some inherent "built in" or
"newly discovered" flaw.

> > Second, if you want to "cripple" those programs as you say then you can
do
> > one of two things:
> >
> > 1. Delete the corrosponding exe file for each program
>
> Neither deleting files nor using ACLs are effective security measures, as
I
> argue in another post here.
>

Thats why I posted TWO options and stated group policies would be my
preferred method. However its been my experience that NTFS permissions and
group policies are the most effective means to prevent certain programs from
being run.

• Next message: ERIC: "Net send to everyone attached to server?"
• Previous message: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• In reply to: Karl Levinson [x y] mvp: "Re: 2003 Web Server Security flaw"
• Next in thread: Robert Moir: "Re: 2003 Web Server Security flaw"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Active Directory network security ... AD's group policies can be used to keep AD itself pretty secure, ... down tightly for security within AD, but a rogue laptop that is not a domain ... When Microsoft first touted Active Directory they pushed for a Single Forest ... Auditing is also very important - audit changes in domain admin groups, ... (Focus-Microsoft) Re: Creating AD OU structure for GP deployment ... I'm looking at implementing group policies for both security and to deploy/maintain software in a small business with 3 sites. ... Um, I'd only consider myself intermediate as far as skill level with ADS but I've never heard of creating OUs for software, security and features. ... GPOs don't apply to containers, only to GPOs and to the domain/site level. ... (microsoft.public.windows.server.active_directory) Re: Creating AD OU structure for GP deployment ... For the group policy setup, I'd like to have "Group Policies" being the top ... but I've never heard of creating OUs for software, security and features. ... only to GPOs and to the domain/site level. ... (microsoft.public.windows.server.active_directory) Re: Active Directory design ... I've found that group policies tend to be created out of necessity rather ... implemented at the domain level as you are planning. ... default domain policy to define a small number of domain-wide settings ... If I go for the OU deployment scenario, do I need to place the Security ... (microsoft.public.win2000.active_directory) Error 1085 when GP refreshes ... I have an error 1085 when Group Policies refreshes. ... I have checked what happened before in Event Viewer and there is an ... Security policies were propagated with warning. ... (microsoft.public.windows.group_policy)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint