Bugtraq mailing list archives

Re: Security hole in Win2K's FTP server

From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Wed, 19 Jul 2000 13:20:22 +1000


In some mail from David LeBlanc, sie said:
[...]

Here's where I'd like to clarify things.  The most flexible way to
configure port filters on Win2k is through an IPSec policy, which can also
be enforced via propogation from the DC (saving you from having to run
around to each workstation).  Take care to put all affected machines in a
"OU" (Organizational Unit) so you don't get all your servers, too.


...and if you don't want to run a DC or you're using Linux as your DC ?

I'm sure if you build your house with Microsoft bricks and Microsoft
bricks only, things are different.  This sounds, to me, as if Microsoft
products are inherently insecure/weaker in a heterogenous environment.

Darren
IP Filter: Protecting Firewall-1 from the Internet

Current thread:

SuSE Security Announcement: tnef Thomas Biege (Jul 11)
- Re: SuSE Security Announcement: tnef Rainer Link (Jul 11)
- Security hole in Win2K's FTP server Bob Kline (Jul 11)
  - CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils Conectiva Security (Jul 17)
  - Re: Security hole in Win2K's FTP server Dan Kaminsky (Jul 17)
    - Re: Security hole in Win2K's FTP server Adam Muntner (Jul 18)
    - Re: Security hole in Win2K's FTP server David LeBlanc (Jul 18)
    - Re: Security hole in Win2K's FTP server Darren Reed (Jul 18)
- MDKSA-2000:018 dump update Vincent Danen (Jul 11)
- Sun's Java Web Server remote command execution vulnerability stuart.mcclure () FOUNDSTONE COM (Jul 11)
- Attacking Windows 9x with Loadable Kernel Modules Solar Eclipse (Jul 12)