[windows2000] Re: Security

  • From: "Twigg, Craig" <Craig.Twigg@xxxxxxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Wed, 3 Mar 2004 14:42:59 -0000

what's the IP?

lol

-----Original Message-----
From: Jim Kenzig http://thin.net [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: 03 March 2004 14:41
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Security


You are wasting your time trying to "track" them. Most are in Tawain, China
or Russia.
I am not sure what they are trying to get passwords to on your system that
is open to the world. If it is Terminal Services you should enable all login
success and failures and set it up so the accout is temporarily disabled
after so many failures.
This discourages most hackers.  In your firewall you should set it up so
only allowed IP's can TS in.  For IIS you can do it the same way or set up
IP authentication. If you have set up your system correctly and enforce
strong passwords, you should have no worries about how often or how long
people try to hack at it.  For example you can try and FTP into my server
until you are blue in the face but unless you are coming from an approved IP
and then have the proper username and password you'll never get in.
JK

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Bill Beckett
Sent: Wednesday, March 03, 2004 9:14 AM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Security


How do you guys (aka the list) handle tracking down hackers without IDS? I
know there is a program out there (can't remember the name) that will allow
a hacker to scan systems for valid accounts. These accounts, of course, can
be disabled but if some are enabled they can just start firing off random
passwords. I can see entries/attempts in our sec log but there is no IP to
trace them back to.
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm


****************************************************************************************
This email and any files transmitted with it may contain information
which is privileged and confidential, the disclosure of which is 
prohibited by law and intended solely for the use of the individual or 
entity to whom they are addressed. If you have received this email in 
error please note any dissemination, distribution or copying of this 
message is strictly prohibited.  Please notify the sender immediately
if you have received this email by mistake and delete it from your 
system.
Email transmissions cannot be guaranteed to be secure or error-free as
information can be intercepted, corrupted, lost, destroyed, arrive late 
or incomplete, or contain viruses.  The sender therefore does not accept 
liability for any errors or omissions in the contents of this message 
which arise as a result of email transmission.  If verification is 
required please request a hard copy version.
Thank you for your co-operation.
****************************************************************************************

********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts: