security "needs"

[AngryBob]

what area of security, if any, do you all think is not well covered or could be drastically improved by current hardware/software.

please dont say windows.

i believe that for the security market seems to focus on prevention, which is good, but there is not much out there to alert the average user that they have been hacked/trojaned etc. yes there is AV and firewalls, but they are often not updated and/or misconfigured. plus for something such as brute force the average user wouldnt know that that has happened.

maybe a "laymans" IDS would be good.

[Djwglpuppy]

A big problem is IIS 5.0. As soon as you activate it, you are waiting for someone to try and crack their way through port 80. Computers running IIS 5.0 are one the biggest threats for the nimda virus. I should know, I was one of the lucky many to actually get the virus.

Another huge security threat is the C$ share for W2k. If someone sniffs a 139 port open and gets through to your computer through Netbios: Even if you have no active network shares; all they have to do is put the \\255.255.255.255\C$ (255 represents the IP number) and they are in your system partition!!!! Great job to those at Microsoft!!!!!!

[ammo]

If you keep IIS patched and up to date, you're ok...

As for the share, you over state it a bit: you need admin access to access administrative shares (C$, ...). Not that it can't be done, but it's not THAT easy..
Besides, just disable sharing if you're not using it..

Ammo

[nebulus200]

I was always under the impression that if you turned off the services that it used and made some adjustments to your local security policy that even though the admin shares were there, nobody could get to them from the network (all bets are off if you log into a domain though...)

Will have to play with that now...

neb