Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Secure by Default
Tim Mullen, 2003-04-27

With Windows Server 2003, Microsoft has finally produced an operating system that isn't begging to be hacked on the first boot.

Comments Mode:
Secure by Default - oh boy, here we go again. 2003-04-28
Anonymous
Secure by Default - READ BEFORE YOU POST. 2003-04-28
Anonymous (2 replies)
Secure by Default - READ BEFORE YOU POST. 2003-04-28
Anonymous (1 replies)
Secure by Default - READ BEFORE YOU POST. 2003-04-29
Anonymous (2 replies)
You have?

Ok, tell me then, what primary method would you use to secure an Active Directory environment with multiple forests? What foreign security principals would you create? What IPSec policies would you use to secure the services at the protocol layer? What type of Exchange public store restrictions would you put in place for your domains? How would you secure site replication? What changes would you make in the IIS metabase to secure it? How would you configure your domain trusts, group policies, account restrictions, IIS URLScan scripts?

Hmm... well, I really hope these are things you are testing while you are "tearing it apart". Or did you just install it on a little desktop and change the desktop wallpaper?

Do me a favor, write a whitepaper after your review - I would love your "professional" opinion.

Oh, also, I'm interested as to why you would not choose W2K or W2K3 as one of your "family OS's". Serious question - I would really like to know - what is the technical reasoning for your dismissal of W2K3?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/157/19629#19629
Yawn. Another "I'm more geeky than you" pissing contest. (N/T) 2003-04-30
Anonymous
Secure by Default - READ BEFORE YOU POST. 2003-04-30
Anonymous (2 replies)
Secure by Default - READ BEFORE YOU POST. 2003-05-01
Anonymous (3 replies)
Secure by Default - READ BEFORE YOU POST. 2003-05-02
Anonymous
Secure by Default - READ BEFORE YOU POST. 2003-05-02
Penguinisto (1 replies)
Secure by Default - Learn something (before you reply again). 2003-05-06
Anonymous (1 replies)
Oh puh-leeze - you have to resort to sematics games? 2003-05-08
Penguinisto
Secure by Default - READ BEFORE YOU POST. 2003-05-03
Anonymous
Secure by Default - READ BEFORE YOU POST. 2003-05-06
Anonymous
Secure by Default - READ BEFORE YOU POST. 2003-04-30
Anonymous
Secure by Default, Insecure by Birth 2003-04-28
Drek Software Inc. (2 replies)
Secure by Default, Insecure by Birth 2003-04-28
Anonymous
Secure by Default, Insecure by Birth 2003-05-03
Anonymous (2 replies)
Secure by Default, Insecure by Birth 2003-05-05
Anonymous
Secure by Default, Insecure by Birth 2003-05-06
Anonymous
Secure by Default 2003-04-28
alexbal
Secure by Default 2003-04-28
Anonymous
Secure by Default 2003-04-28
xenophi1e <oliver.lavery@sympatico.ca> (1 replies)
It's partly real, but partly a PR thing 2003-04-30
Anonymous
Well, I'll give you this much, Timster... 2003-04-28
Penguinisto (4 replies)
Well, I'll give you this much, Timster... 2003-04-28
Anonymous (6 replies)
Well, I'll give you this much, Timster... 2003-04-29
Anonymous (2 replies)
Well, I'll give you this much, Timster... 2003-04-29
Penguinisto (1 replies)
Well, I'll give you this much, Timster... 2003-05-03
Anonymous (1 replies)
Well, I'll give you this much, Timster... 2003-05-05
Penguinisto
Well, I'll give you this much, Timster... 2003-04-29
Anonymous
Well, I'll give you this much, Timster... 2003-04-29
Anonymous
Well, I'll give you this much, Timster... 2003-04-29
xenophi1e <oliver.lavery@sympatico.ca>
Well, I'll give you this much, Timster... 2003-04-29
Anonymous
Well, I'll give you this much, Timster... 2003-04-29
Penguinisto
Well, I'll give you this much, Timster... 2003-04-29
Anonymous
Well, I'll give you this much, Timster... 2003-04-29
Anonymous (2 replies)
Zealotry comes in all forms. 2003-04-29
matt@beatlab.org (2 replies)
Zealotry comes in all forms. 2003-04-29
blacklight (1 replies)
Zealotry comes in all forms. 2003-05-02
Penguinisto
Zealotry comes in all forms. 2003-05-06
Noran Rad
Well, I'll give you this much, Timster... 2003-04-29
Anonymous
Well, I'll give you this much, Timster... 2003-04-30
Anonymous (1 replies)
Well, I'll give you this much, Timster... 2003-05-02
Penguinisto
Well, I'll give you this much, Timster... 2003-05-03
Anonymous
Secure by Default 2003-04-29
blacklight
Secure by Default (Pathetic) 2003-04-29
Anonymous (3 replies)
Secure by Default (Pathetic) 2003-04-30
Th. Klein
Opinionated by Default (Pathetic) 2003-04-30
Bruce
Secure by Default (Pathetic) 2003-05-02
blacklight (2 replies)
Secure by Default (Pathetic) 2003-05-02
Anonymous
Secure by Default (Pathetic) 2003-05-03
Anonymous
Secure by Default 2003-04-29
Anonymous (1 replies)
Secure by Default 2003-04-29
Doug Sibley (3 replies)
Secure by Default 2003-04-29
Anonymous
Secure by Default 2003-04-30
Anonymous
Secure by Default 2003-05-03
Anonymous
Secure by Default 2003-04-29
Anonymous (1 replies)
Secure by Default 2003-05-01
Anonymous
Hrm 2003-04-30
DC0 (1 replies)
Hrm 2003-05-02
Ryan Lambert
Secure by Default 2003-05-02
Ryan Lambert
Where can I find the companion texts you cited? 2003-05-02
Jim Barrett (1 replies)
Where can I find the companion texts you cited? 2003-05-06
Anonymous
Partial list of on default default services in ws2003 2003-05-05
Anonymous (1 replies)
Partial list of on default default services in ws2003 2003-05-06
Anonymous







 

Privacy Statement
Copyright 2009, SecurityFocus