2003-04-27
With Windows Server 2003, Microsoft has finally produced an operating system that isn't begging to be hacked on the first boot.
Secure by Default - READ BEFORE YOU POST.
2003-04-28
Anonymous (2 replies)
Secure by Default - READ BEFORE YOU POST.
2003-04-28
Anonymous (1 replies)
Secure by Default, Insecure by Birth
2003-04-28
Drek Software Inc. (2 replies)
Well, I'll give you this much, Timster...
2003-04-28
Penguinisto (4 replies)
Well, I'll give you this much, Timster...
2003-04-28
Anonymous (6 replies)
Well, I'll give you this much, Timster...
2003-04-29
Anonymous (2 replies)
Well, I'll give you this much, Timster...
2003-04-29
Penguinisto (1 replies)
Well, I'll give you this much, Timster...
2003-04-29
Anonymous (2 replies)
Zealotry comes in all forms.
2003-04-29
matt@beatlab.org (2 replies)
Secure by Default (Pathetic)
2003-04-29
Anonymous (3 replies)
Secure by Default
2003-04-29
Anonymous (1 replies)

Ok, tell me then, what primary method would you use to secure an Active Directory environment with multiple forests? What foreign security principals would you create? What IPSec policies would you use to secure the services at the protocol layer? What type of Exchange public store restrictions would you put in place for your domains? How would you secure site replication? What changes would you make in the IIS metabase to secure it? How would you configure your domain trusts, group policies, account restrictions, IIS URLScan scripts?
=======================================
I'm not the initial guy who you're responding to, but you've given me such a chuckle that I have to chime in.
Forgive me if I'm passed off as someone who doesn't have a real job for disagreeing with you, but aren't these things based on the application, requirements, level of acceptable risk, and other factors? Security is much more than "setting domain policy"; it's about identifying risk and knowing what compensating controls mitigate them.
It's like you read chapter titles out of an MCSE book and are expecting someone to rattle off answers that suit your liking. If there was a one-size-fits-all configuration on all systems, even Windows would come with that configuration by default, no?
=======================================
Hmm... well, I really hope these are things you are testing while you are "tearing it apart". Or did you just install it on a little desktop and change the desktop wallpaper?
=======================================
Ah, there's nothing like an ad hominem attack to make everyone see you as the seasoned professional that you are.
=======================================
Oh, also, I'm interested as to why you would not choose W2K or W2K3 as one of your "family OS's". Serious question - I would really like to know - what is the technical reasoning for your dismissal of W2K3?
=======================================
I'm not the first guy, so I don't know his reasons, but I choose Linux as my primary OS because I've been using UNIX (and been involved in Information Security) before Microsoft even had a TCP stack.
I use Windows too for some applications, and in my previous life as a Security Engineer, I've designed systems that had Microsoft components. But to rattle off the first 10 questions you saw on your MCSE exam you took yesterday, and pass that off on why W2K(3) is great is flat out laughable.
Link to this comment: http://www.securityfocus.com/comments/columns/157/19674#19674