[Dshield] Is this some kind of washing hands or pointing fingers at innocent parties?
ed.truitt at etee2k.net
Wed Sep 11 11:59:46 GMT 2002
Actually, there are valid reasons for these recommendations. IIRC, two of
the major ones were "eliminate blank or weak administrator passwords" and
"stay up-to-date on security patches". These are also mentioned in the
"SANS/FBI Top 20 List", which can be viewed at
SQLSnake and Nimda/CRII are good examples of what can happen when you don't
Running current A/V software and making sure your internal servers are
behind a firewall are also considered generally good things to do.
Disabling the GUEST account is a Windows-specific thing, but it is also a
very good thing to do (in fact, renaming the account, setting the password
to a randomized strong string (alpha, numeric, special and non-printable
characters), and setting the flag to prevent it from logging on, is probably
the best thing you can do to it.
PGP fingerprint: 5368 D25E 468C A250 9833 CCD6 DBAE 9C25 02F9 0AB9
"Note to spammers: my 'delete' key is connected to YOUR ISP.
Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."
----- Original Message -----
From: "Peter Stendahl-Juvonen" <peter.stendahl-juvonen at welho.com>
To: "Dshield General DShield Discussion List" <list at dshield.org>
Sent: Wednesday, September 11, 2002 6:19 AM
Subject: [Dshield] Is this some kind of washing hands or pointing fingers at
> Do genuine grounds for recommendations like these (in chapter
> "Prevention") exist, or is this some kind of washing hands or pointing
> fingers at innocent parties?
> (MicrosoftR Knowledge Base article - Q328691, MIRC Trojan-Related Attack
> Detection and Repair)
> "Instead, the attacks seek to take advantage of situations where
> standard precautions have not been taken as detailed in the "Prevention"
> section of this article."
> "A single stone can cause a building to collapse."
> Francisco de Quevedo y Villegas (1580-1645); Spanish writer.
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
More information about the list