If a worm does hit, Windows 2000 users won't be hit as hard as users of
Windows XP, he says, because Windows 2000 isn't exploitable by an anonymous
or "null session" so any attacks, whether by a hacker or a worm, could come
only from systems with the proper access rights.
Is this correct? What about Windows 2K backward compatibility for mixed
NT4/2000 environments? RestrictAnonymous=1? Trust Relationships between AD
and NT4 domains? Aren't they doing some wishful thinking in the above
statement or am I missing something?
------------------------------------------------------------------------
---
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
and use priority code SF4.
------------------------------------------------------------------------
---
If a worm does hit, Windows 2000 users won't be hit as hard as users of
Windows XP, he says, because Windows 2000 isn't exploitable by an anonymous
or "null session" so any attacks, whether by a hacker or a worm, could come
only from systems with the proper access rights.
from InformationWeek:
http://www.securitynewsportal.com/cgi-bin/news5.cgi?target=www.newsnow.c
o.uk
/cgi/NGoto/43155347?-2622
Is this correct? What about Windows 2K backward compatibility for mixed
NT4/2000 environments? RestrictAnonymous=1? Trust Relationships between AD
and NT4 domains? Aren't they doing some wishful thinking in the above
statement or am I missing something?
------------------------------------------------------------------------
---
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ms_031027
and use priority code SF4.
------------------------------------------------------------------------
---
[ reply ]