Cameron Kim
Mitsubishi Digital Electronics America
-----Original Message-----
From: Jason Aarons [mailto:jason.aarons (at) ireadyworld (dot) com [email concealed]]
Sent: Tuesday, October 14, 2003 10:43 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
Can any third parties confirm the vulnerability or vouch for the
credibility of the firm making the claims ? Microsoft isn't saying
anything...
-----Original Message-----
From: Amer Karim [mailto:amerk (at) nautilis-sys (dot) com [email concealed]]
Sent: Monday, October 13, 2003 6:32 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
It was posted to the bugtraq list on the 10th/11th of October; and
follow up posts indicate that Windows 2000 is confirmed as also being
vulnerable.
Regards,
Amer Karim
Nautilis Information Systems
e-mail: amerk (at) nautilis-sys (dot) com [email concealed]
-----Original Message-----
From: Stewart, Jack [mailto:Jack.Stewart (at) tyson (dot) com [email concealed]]
Sent: 13 October 2003 12:19
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
Has anyone else heard about this - from the VigilantMinds website.
VigilantMinds has successfully validated the claims regarding the latest
>>
Microsoft Remote Procedure Call (RPC) vulnerability. Specifically, >>
VigilantMinds has validated that hosts running fully patched versions of
>>
the following Microsoft operating systems REMAIN subject to denial of >>
service attacks and possible remote exploitation: >> >> * Microsoft
Windows XP Professional >> * Microsoft Windows XP Home >> * Microsoft
Windows 2000 Workstation >> >> Although it has not been verified at this
time, other versions of >> Microsoft Windows are also suspected to be
subject to this >> vulnerability. >> >> As with the prior RPC
vulnerability (MS03-039), these attacks can occur >> on TCP ports 135,
139, 445 and 593; and UDP ports 135, 137, 138 and 445. >>
-----Original Message-----
From: Scott [mailto:scott (at) cleven-mulcahy (dot) com [email concealed]]
Sent: Monday, October 13, 2003 9:33 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
Kurt was kind enough to remind me of another document. I should have
sent the link he provides below. It includes the W2K3 and XP security
guides, as well as the Threats and Countermeasures Guide.
Scott
-----Original Message-----
From: Kurt Dillard [mailto:kurtdill (at) microsoft (dot) com [email concealed]]
Sent: Monday, October 13, 2003 2:07 AM
To: Scott
Subject: RE: Windows 2000 Server hardening
Did you see this other guide I helped to write also? Threats and
Countermeasures: Security Settings in Windows Server 2003 and Windows
XP: http://go.microsoft.com/fwlink/?LinkId=15159
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
This email, and any files transmitted with it are confidential and
intended solely for the use of the addressee. This email may contain
information protected by attorney-client privilege. If you are not the
intended addressee, then you have received this email in error and that
any use, dissemination, forwarding, printing, or copying of this email
is strictly prohibited.
Tyson Foods, Inc. will not be held liable to any person resulting from
the use of any information contained in this email. Tyson Foods, Inc.
will not be liable to any person who adds or deletes information
contained in this email, and will not be held liable to any person as a
result of any additions or deletions of information originally contained
in this email.
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that
do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool
that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues that
do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis tool
that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
the link
http://www.sarc.com/avcenter/security/Content/8811.html
Cameron Kim
Mitsubishi Digital Electronics America
-----Original Message-----
From: Jason Aarons [mailto:jason.aarons (at) ireadyworld (dot) com [email concealed]]
Sent: Tuesday, October 14, 2003 10:43 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
Can any third parties confirm the vulnerability or vouch for the
credibility of the firm making the claims ? Microsoft isn't saying
anything...
-----Original Message-----
From: Amer Karim [mailto:amerk (at) nautilis-sys (dot) com [email concealed]]
Sent: Monday, October 13, 2003 6:32 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
It was posted to the bugtraq list on the 10th/11th of October; and
follow up posts indicate that Windows 2000 is confirmed as also being
vulnerable.
Regards,
Amer Karim
Nautilis Information Systems
e-mail: amerk (at) nautilis-sys (dot) com [email concealed]
-----Original Message-----
From: Stewart, Jack [mailto:Jack.Stewart (at) tyson (dot) com [email concealed]]
Sent: 13 October 2003 12:19
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
Has anyone else heard about this - from the VigilantMinds website.
VigilantMinds has successfully validated the claims regarding the latest
>>
Microsoft Remote Procedure Call (RPC) vulnerability. Specifically, >>
VigilantMinds has validated that hosts running fully patched versions of
>>
the following Microsoft operating systems REMAIN subject to denial of >>
service attacks and possible remote exploitation: >> >> * Microsoft
Windows XP Professional >> * Microsoft Windows XP Home >> * Microsoft
Windows 2000 Workstation >> >> Although it has not been verified at this
time, other versions of >> Microsoft Windows are also suspected to be
subject to this >> vulnerability. >> >> As with the prior RPC
vulnerability (MS03-039), these attacks can occur >> on TCP ports 135,
139, 445 and 593; and UDP ports 135, 137, 138 and 445. >>
-----Original Message-----
From: Scott [mailto:scott (at) cleven-mulcahy (dot) com [email concealed]]
Sent: Monday, October 13, 2003 9:33 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Windows 2000 Server hardening
Kurt was kind enough to remind me of another document. I should have
sent the link he provides below. It includes the W2K3 and XP security
guides, as well as the Threats and Countermeasures Guide.
Scott
-----Original Message-----
From: Kurt Dillard [mailto:kurtdill (at) microsoft (dot) com [email concealed]]
Sent: Monday, October 13, 2003 2:07 AM
To: Scott
Subject: RE: Windows 2000 Server hardening
Did you see this other guide I helped to write also? Threats and
Countermeasures: Security Settings in Windows Server 2003 and Windows
XP: http://go.microsoft.com/fwlink/?LinkId=15159
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
This email, and any files transmitted with it are confidential and
intended solely for the use of the addressee. This email may contain
information protected by attorney-client privilege. If you are not the
intended addressee, then you have received this email in error and that
any use, dissemination, forwarding, printing, or copying of this email
is strictly prohibited.
Tyson Foods, Inc. will not be held liable to any person resulting from
the use of any information contained in this email. Tyson Foods, Inc.
will not be liable to any person who adds or deletes information
contained in this email, and will not be held liable to any person as a
result of any additions or deletions of information originally contained
in this email.
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues
that
do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis
tool
that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
Visual & Easy-to-use are not words that you think of when talking about
network analyzers. Need to share problem information with colleagues that
do not read packets?
Download ClearSight Networks Analyzer and see a new network analysis tool
that makes the complex - easy
http://www.securityfocus.com/sponsor/ClearSightNetworks_focus-ms_031006
------------------------------------------------------------------------
---
[ reply ]