I'm doing it wrong...LMAO...for your information, I actually leave the servers I administer logged on and locked....I'm just making the point as William Lefkovics did...the only secure server is one that is not plugged in and the network cable is unplugged.

-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 8:19 PM
To: Exchange Weblist
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

http://www.MSExchange.org/

Poor Stevo, still after ALL THIS PROOF given, you can't accept you've been doing it wrong all these years? Tisk Tisk. If one was to look up "fragile ego" in the dictionary, your picture would be the sole definition.

-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Sunday, August 08, 2004 7:09 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

ohhh...it's hackers now lol.....well then matey.....that's different...in that scenario, it doesn't matter whether they are locked or not...if they get a connection...they'll get in.

-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 8:01 PM
To: Exchange Weblist
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

You've just started your career in IT right? Easy to tell. Remember, hackers do STEALTH attacks. Every single IT and non-IT person knows that, except perhaps you and Steve. They don't bring a jack-hammer with them to pry your box loose, thereby ENGAGING THE ALARM, and use a couple of people to carry your boxes to their car. I mean, let's get real here. They use HACKING techniques, that's why they are called HACKERS (or to be really correct, "CRACKERS.") The LAST things crackers/hackers want to do is BE CAUGHT. So, they use STEALTH cracking.

My gosh, this is beginner stuff here. This lesson will cost you $100.00.

-----Original Message-----
From: Keith Duemling [mailto:kduemling@xxxxxxx]
Sent: Sunday, August 08, 2004 6:52 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Jared,

I agree completely with you regarding the need for physical security. If physical security isn't present, neither locking the system nor leaving it unlocked will provide much of a line of defense against a successful attack. Pull the system out of the rack and take it home to hack at your own convenience.

I'm only trying to obtain the correct answer to the question of.... "If I put a server in a room and brick the entry points up and secure every means of interacting with the system physically...what state should the system remain in from an interactive login perspective?"

Thanks.

Keith Duemling
//end

-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 6:34 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Keith, I wasn't speaking to you directly. In fact, I appreciate you sending that to all. It states right there, "Again, it comes down to physical security: Unless your computer is always guarded by a person or a locked door, be sure to log off when you leave the computer and ensure that all user accounts are password protected."

And we ALL KNOW that all our servers ARE behind locked doors, so LOCK THOSE SCREENS EVERYONE. You've now heard it from Microsoft, twice.

"That is, if an attacker can reach your unattended computer while an administrator account is logged on, your passwords can be stolen. An attacker can steal the LSASS cache of hashed passwords and copy it to a floppy disk in seconds."

HOW can a password be "stolen" if they can't get to the floppy drive?? Remember, all servers should have a case on them that locks. We have over a hundred and all are locked with a key that the VP has, HR has, and the lead engineer (me) has. I can't even fathom anyone having servers that don't have locked cabinets or cases. Jeez.

Remember, the keyboards, most times, are NOT locked up, like the servers are. So, if you leave it logged off, anyone that is a member of your domain can log right on!! By default, unless a domain controller, all "domain users" can log right onto your server, via Terminal Services, or via console.

-----Original Message-----
From: Keith Duemling [mailto:kduemling@xxxxxxx]
Sent: Sunday, August 08, 2004 6:21 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Jared,

I'm not trying to take a side... Just find a document that says something in either direction (and now I will review the documents you have supplied).

Don't take this up with me, cause I'm not the author of the book. I suggest you take it up with the authors Ed Bott and Carl Siechert. Send comments to mspinput@xxxxxxxxxxxxx as per the notes in the book.

I'm not debating the functionality that Microsoft has included with their systems, and I'm also not saying you shouldn't use it. Just pointing out what one source of information says in relation to the topic. I'm not afraid to admit I'm wrong, as I never claimed that I was right.

Have a good one Jared.

Keith Duemling
//end

-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Sunday, August 08, 2004 5:58 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

LOL. Right. And I have some land in the Sierra I'd like to sell you.
How about the truth:

http://techrepublic.com.com/5100-6329-1058522.html
http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/step_5_use_strong_passwords.mspx (read, "But all too often...")
http://labmice.techtarget.com/articles/securingwin2000.htm (look at "password protect your..." which mentions ALL SERVERS.)
http://www.cpc.unc.edu/projects/addhealth/data/restricteduse/security/win2000server (look at #2)

Answer me this: Why would Microsoft give the ability to lock all their server screens?? Because they don't want you to USE IT!? Again, this is common sense.

LOL Whew, sorry, I just blew a few junks. Hey my weak newbie, if your incredibly fragile ego can't take being wrong, that's not my deal. SEE A SHRINK. TALK ABOUT DENIAL

-----Original Message-----
From: Keith Duemling [mailto:kduemling@xxxxxxx]
Sent: Sunday, August 08, 2004 5:46 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

Trying to add some documented references to the two sides of this issue I have found the following statement in a Microsoft Press book.

-----------------------------------------
Book: Microsoft Windows Security for Windows XP and Windows 2000 Inside Out
Publisher: Microsoft Press
Copyright: 2003
ISBN: 0-7356-1632-9
Pages: 111-112

Background: Statement made in reference to using Syskey to add an additional layer of login protection for Windows based systems.

Statement: "Caution: Bear in mind that this added startup requirement provides no additional protection once the computer is up and running. That is, if an attacker can reach your unattended computer while an administrator account is logged on, your passwords can be stolen. An attacker can steal the LSASS cache of hashed passwords and copy it to a floppy disk in seconds. Again, it comes down to physical security: Unless your computer is always guarded by a person or a locked door, be sure to log off when you leave the computer and ensure that all user accounts are password protected."
-----------------------------------------

This article might be useful for those locking their servers.
http://www.microsoft.com/technet/prodtechnol/windows2000pro/tips/loccon.mspx

Keith Duemling
//end

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as: JaredsJazz@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist

This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than the recipient named above. Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum IT Solutions disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum IT Solutions or its subsidiaries or affiliates. administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx