Results 1 to 4 of 4

Thread: security "needs"

  1. #1
    Join Date
    Apr 2002

    security "needs"

    what area of security, if any, do you all think is not well covered or could be drastically improved by current hardware/software.

    please dont say windows.

    i believe that for the security market seems to focus on prevention, which is good, but there is not much out there to alert the average user that they have been hacked/trojaned etc. yes there is AV and firewalls, but they are often not updated and/or misconfigured. plus for something such as brute force the average user wouldnt know that that has happened.

    maybe a "laymans" IDS would be good.

  2. #2
    Junior Member
    Join Date
    Jul 2002
    A big problem is IIS 5.0. As soon as you activate it, you are waiting for someone to try and crack their way through port 80. Computers running IIS 5.0 are one the biggest threats for the nimda virus. I should know, I was one of the lucky many to actually get the virus.

    Another huge security threat is the C$ share for W2k. If someone sniffs a 139 port open and gets through to your computer through Netbios: Even if you have no active network shares; all they have to do is put the \\\C$ (255 represents the IP number) and they are in your system partition!!!! Great job to those at Microsoft!!!!!!

  3. #3
    Senior Member
    Join Date
    Sep 2001
    If you keep IIS patched and up to date, you're ok...

    As for the share, you over state it a bit: you need admin access to access administrative shares (C$, ...). Not that it can't be done, but it's not THAT easy..
    Besides, just disable sharing if you're not using it..

    Credit travels up, blame travels down -- The Boss

  4. #4
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    I was always under the impression that if you turned off the services that it used and made some adjustments to your local security policy that even though the admin shares were there, nobody could get to them from the network (all bets are off if you log into a domain though...)

    Will have to play with that now...

    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts