[15855] in bugtraq
Re: Security hole in Win2K's FTP server
daemon@ATHENA.MIT.EDU (Darren Reed)
Wed Jul 19 13:04:13 2000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <200007190320.NAA19224@cairo.anu.edu.au>
Date: Wed, 19 Jul 2000 13:20:22 +1000
Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
X-To: dleblanc@MINDSPRING.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <3.0.5.32.20000718131617.034842d0@pop.mindspring.com> from "David
LeBlanc" at Jul 18, 2000 01:16:17 PM
In some mail from David LeBlanc, sie said:
[...]
> Here's where I'd like to clarify things. The most flexible way to
> configure port filters on Win2k is through an IPSec policy, which can also
> be enforced via propogation from the DC (saving you from having to run
> around to each workstation). Take care to put all affected machines in a
> "OU" (Organizational Unit) so you don't get all your servers, too.
...and if you don't want to run a DC or you're using Linux as your DC ?
I'm sure if you build your house with Microsoft bricks and Microsoft
bricks only, things are different. This sounds, to me, as if Microsoft
products are inherently insecure/weaker in a heterogenous environment.
Darren
IP Filter: Protecting Firewall-1 from the Internet
