Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Items within XP SP2 and Win2003

from [Eric McCarty] Network Security [Permanent Link]
Subject: RE: Items within XP SP2 and Win2003
Date: Tue, 28 Sep 2004 07:44:11 -0700 
Who doesn't have a border firewall? commonly its router - firewall -
switch. So you propose to do address filtering on your host based
firewall ?. I suggest rethinking this strategy as IP Address range
blocking should be done at the border router or firewall long before any
Network Translations are done or any traffic traverses the local
network. I can imagine a plethora of ways to get around host based IP
restrictions, can't get to server1, take over another machine on
internal network, then get to server1 and likewise. 

Running a host based firewall will not allow an extra layer of security
if its doing the same thing the border router/firewall is doing. 

In order to browse the internet from the server you will have to add a
lot of sites to the trusted sites list, and once a site is considered
trusted it's all over anyway. 

-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@ornl.gov] 
Sent: Tuesday, September 28, 2004 4:18 AM
To: Eric McCarty; larobins@bellatlantic.net; Joe Doyle;
focus-ms@securityfocus.com
Subject: RE: Items within XP SP2 and Win2003

Eric,

A firewall will not only block services, but it will also selectively
allow services.  For example, I might need to run a web server, but I
only want users from a buisness partner to access this site.  I can use
the firewall to limit access to a specific IP address or subnet.  In
this case, a host based firewall can add another layer of security to a
system.  I do agree that you should not be browsing the internet from a
server.  However, some people will continue to browse the internet from
servers.  The enhancements to IE6 with W2K3 will not affect you or I,
but they will affect many others.  

Dennis 


-----Original Message-----
From: Eric McCarty [mailto:eric@lawmpd.com]
Sent: Monday, September 27, 2004 5:26 PM
To: Depp, Dennis M.; larobins@bellatlantic.net; Joe Doyle; 
focus-ms@securityfocus.com
Subject: RE: Items within XP SP2 and Win2003

I think this is a contradiction. On a server, you should turn off all 
services you have no intention of having clients connect to, not setup



a firewall to block them. Next you should not be browsing the internet



using your server, and if you noticed, the enhanced browser security 
prevents this for the most part anyway.

Eric



-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
Sent: Monday, September 27, 2004 9:27 AM
To: larobins@bellatlantic.net; Joe Doyle; focus-ms@securityfocus.com
Subject: RE: Items within XP SP2 and Win2003

WRT Windows firewall and IE updates.

Dennis


-----Original Message-----
From: Laura A. Robinson [mailto:larobins@bellatlantic.net]
Sent: Sunday, September 26, 2004 2:38 AM
To: 'Joe Doyle'; focus-ms@securityfocus.com
Subject: RE: Items within XP SP2 and Win2003

In what respects?

Laura


-----Original Message-----
From: Joe Doyle [mailto:joe.doyle@promega.com]
Sent: Wednesday, September 22, 2004 5:38 PM
To: focus-ms@securityfocus.com
Subject: RE: Items within XP SP2 and Win2003


Not yet.  Windows 2003 Service Pack 1 is supposed to

bring it up to

speed with Windows XP SP2.

Joe

-----Original Message-----
From: James Bowman [mailto:jim@drexel.edu]
Sent: Sunday, September 19, 2004 9:11 PM
To: focus-ms@securityfocus.com
Subject: Items within XP SP2 and Win2003



Is their a set of hotfixes needed for 2003 that make it

comprable in


features / overall security posture to XP SP2?



Although there's probably a bevy of XP SP2 items embedded

in 2003, I


would imagine there's a bunch that's not...



Thanks

--------------------------------------------------------------
----------
---
--------------------------------------------------------------
----------
---




--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------




--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------




--------------------------------------------------------------
----------
---
--------------------------------------------------------------
----------
---




---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Items within XP SP2 and Win2003, Eric McCarty
Next by Date:  RE: Items within XP SP2 and Win2003, Depp, Dennis M.
Previous by Thread:  RE: Items within XP SP2 and Win2003, Eric McCarty
Next by Thread:  Re: Items within XP SP2 and Win2003, Thor
Indexes:  [Date] [Thread] [Top] [All Lists]