Re: Scheduling NTBackup to mapped drive

  • From: "Steve Moffat" <steve@xxxxxxxxxxxxxxxxxxxxxxxxxx>
  • To: "Exchange Weblist" <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 9 Aug 2004 00:08:39 +0100

ohhh...it's hackers now lol.....well then matey.....that's
different...in that scenario, it doesn't matter whether they are locked
or not...if they get a connection...they'll get in. 

-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx] 
Sent: Sunday, August 08, 2004 8:01 PM
To: Exchange Weblist
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

http://www.MSExchange.org/

You've just started your career in IT right? Easy to tell.

Remember, hackers do STEALTH attacks. Every single IT and non-IT person
knows that, except perhaps you and Steve.

They don't bring a jack-hammer with them to pry your box loose, thereby
ENGAGING THE ALARM, and use a couple of people to carry your boxes to
their car. I mean, let's get real here.  

They use HACKING techniques, that's why they are called HACKERS (or to
be really correct, "CRACKERS.") The LAST things crackers/hackers want to
do is BE CAUGHT. So, they use STEALTH cracking. My gosh, this is
beginner stuff here.

This lesson will cost you $100.00.



-----Original Message-----
From: Keith Duemling [mailto:kduemling@xxxxxxx]
Sent: Sunday, August 08, 2004 6:52 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Jared,

I agree completely with you regarding the need for physical security.
If physical security isn't present, neither locking the system nor
leaving it unlocked will provide much of a line of defense against a
successful attack.
Pull the system out of the rack and take it home to hack at your own
convenience.

I'm only trying to obtain the correct answer to the question of....  "If
I put a server in a room and brick the entry points up and secure every
means of interacting with the system physically...what state should the
system remain in from an interactive login perspective?"

Thanks.

Keith Duemling
 
//end
-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 6:34 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Keith, I wasn't speaking to you directly. In fact, I appreciate you
sending that to all. 

It states right there, 

"Again, it comes down to physical security:  Unless your computer is
always guarded by a person or a locked door, be sure to log off when you
leave the computer and ensure that all user accounts are password
protected."

And we ALL KNOW that all our servers ARE behind locked doors, so LOCK
THOSE SCREENS EVERYONE. You've now heard it from Microsoft, twice.

"That is, if an attacker can reach your unattended computer while an
administrator account is logged on, your passwords can be stolen.  An
attacker can steal the LSASS cache of hashed passwords and copy it to a
floppy disk in seconds."

HOW can a password be "stolen" if they can't get to the floppy drive??

Remember, all servers should have a case on them that locks. We have over
a hundred and all are locked with a key that the VP has, HR has, and the
lead engineer (me) has.

I can't even fathom anyone having servers that don't have locked cabinets
or cases. Jeez.

Remember, the keyboards, most times, are NOT locked up, like the servers
are.
So, if you leave it logged off, anyone that is a member of your domain
can log right on!! By default, unless a domain controller, all "domain
users" can log right onto your server, via Terminal Services, or via
console.


-----Original Message-----
From: Keith Duemling [mailto:kduemling@xxxxxxx]
Sent: Sunday, August 08, 2004 6:21 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Jared,

I'm not trying to take a side... Just find a document that says
something in either direction (and now I will review the documents you
have supplied).
Don't take this up with me, cause I'm not the author of the book.  I
suggest you take it up with the authors Ed Bott and Carl Siechert.  Send
comments to mspinput@xxxxxxxxxxxxx as per the notes in the book.

I'm not debating the functionality that Microsoft has included with
their systems, and I'm also not saying you shouldn't use it.  Just
pointing out what one source of information says in relation to the
topic.

I'm not afraid to admit I'm wrong, as I never claimed that I was right.
Have a good one Jared.

Keith Duemling
 
//end
-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 5:58 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

LOL. Right. And I have some land in the Sierra I'd like to sell you. 

How about the truth: 

http://techrepublic.com.com/5100-6329-1058522.html

http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/step_5_use_strong_passwords.mspx
(read, "But all too often...")

http://labmice.techtarget.com/articles/securingwin2000.htm (look at
"password protect your..." which mentions ALL SERVERS.)

http://www.cpc.unc.edu/projects/addhealth/data/restricteduse/security/win2000server
(look at #2)

Answer me this: Why would Microsoft give the ability to lock all their
server screens?? Because they don't want you to USE IT!? Again, this is
common sense.

LOL Whew, sorry, I just blew a few junks. 

Hey my weak newbie, if your incredibly fragile ego can't take being
wrong, that's not my deal. SEE A SHRINK. 

TALK ABOUT DENIAL

-----Original Message-----
From: Keith Duemling [mailto:kduemling@xxxxxxx]
Sent: Sunday, August 08, 2004 5:46 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Trying to add some documented references to the two sides of this issue
I have found the following statement in a Microsoft Press book.

-----------------------------------------

Book: Microsoft Windows Security for Windows XP and Windows 2000 Inside
Out
Publisher: Microsoft Press
Copyright: 2003
ISBN: 0-7356-1632-9

Pages: 111-112

Background: Statement made in reference to using Syskey to add an
additional layer of login protection for Windows based systems.

Statement:

"Caution: Bear in mind that this added startup requirement provides no
additional protection once the computer is up and running.  That is, if
an attacker can reach your unattended computer while an administrator
account is logged on, your passwords can be stolen.  An attacker can
steal the LSASS cache of hashed passwords and copy it to a floppy disk
in seconds.  Again, it comes down to physical security:  Unless your
computer is always guarded by a person or a locked door, be sure to log
off when you leave the computer and ensure that all user accounts are
password protected."

-----------------------------------------

This article might be useful for those locking their servers.
http://www.microsoft.com/technet/prodtechnol/windows2000pro/tips/loccon.mspx


Keith Duemling
 
//end



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
JaredsJazz@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist




This E-Mail is confidential. It is not intended to be read, copied, disclosed 
or used by any person other than the recipient named above. 


Unauthorised use, disclosure, or copying is strictly prohibited and may be 
unlawful. Optimum IT Solutions disclaims any liability for any action taken in 
connection of this E-Mail. The comments or statements expressed in this E-Mail 
are not necessarily those of Optimum IT Solutions or its subsidiaries or 
affiliates.

administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx 



