[Dshield] Is this some kind of washing hands or pointing fingers at innocent parties?

Ed Truitt ed.truitt at etee2k.net
Wed Sep 11 11:59:46 GMT 2002


Actually, there are valid reasons for these recommendations.  IIRC, two of
the major ones were "eliminate blank or weak administrator passwords" and
"stay up-to-date on security patches".  These are also mentioned in the
"SANS/FBI Top 20 List", which can be viewed at

http://www.sans.org/top20.htm

SQLSnake and Nimda/CRII are good examples of what can happen when you don't
follow these.

Running current A/V software and making sure your internal servers are
behind a firewall are also considered generally good things to do.
Disabling the GUEST account is a Windows-specific thing, but it is also a
very good thing to do (in fact, renaming the account, setting the password
to a randomized strong string (alpha, numeric, special and non-printable
characters), and setting the flag to prevent it from logging on, is probably
the best thing you can do to it.

Cheers,
Ed Truitt
PGP fingerprint:  5368 D25E 468C A250 9833  CCD6 DBAE 9C25 02F9 0AB9
http://www.etee2k.net
http://www.bsatroop148.org

"Note to spammers:  my 'delete' key is connected to YOUR ISP.
 Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."


----- Original Message -----
From: "Peter Stendahl-Juvonen" <peter.stendahl-juvonen at welho.com>
To: "Dshield General DShield Discussion List" <list at dshield.org>
Sent: Wednesday, September 11, 2002 6:19 AM
Subject: [Dshield] Is this some kind of washing hands or pointing fingers at
innocent parties?


>
> Do genuine grounds for recommendations like these (in chapter
> "Prevention") exist, or is this some kind of washing hands or pointing
> fingers at innocent parties?
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;q328691
> (MicrosoftR Knowledge Base article - Q328691, MIRC Trojan-Related Attack
> Detection and Repair)
>
> "Instead, the attacks seek to take advantage of situations where
> standard precautions have not been taken as detailed in the "Prevention"
> section of this article."
>
>
> -Peter
>
>           "A single stone can cause a building to collapse."
>
>    Francisco de Quevedo y Villegas (1580-1645); Spanish writer.
>
>
>
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
>




More information about the list mailing list