[windows2000] Re: Security

  • From: Bill Beckett <Bill.Beckett@xxxxxxxxxx>
  • To: "'windows2000@xxxxxxxxxxxxx'" <windows2000@xxxxxxxxxxxxx>
  • Date: Thu, 4 Mar 2004 09:24:01 -0500

I do have account lockouts setup, however...what if:

You had account lockouts setup for ALL logins and the perpetrators tried
each local account until they were all locked. How would you get into the
box locally?

-----Original Message-----
From: Jim Kenzig http://thin.net [mailto:jimkenz@xxxxxxxxxxxxxx] 
Sent: Wednesday March 03, 2004 10:15 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Security


Right and if you had a firewall with intrusion detection it would do it for
you. (Sygate Pro does this especially well for DOS attacks) JK

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Bill Beckett
Sent: Wednesday, March 03, 2004 9:52 AM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Security


Along those same lines, if I could find the IP of the originating station, I
could block that address at the firewall.

> -----Original Message-----
> From: Jim Kenzig http://thin.net [SMTP:jimkenz@xxxxxxxxxxxxxx]
> Sent: Wednesday, March 03, 2004 9:41 AM
> To:   windows2000@xxxxxxxxxxxxx
> Subject:      [windows2000] Re: Security
>
> You are wasting your time trying to "track" them. Most are in Tawain, 
> China or Russia.
> I am not sure what they are trying to get passwords to on your system that
> is open to the world. If it is Terminal Services you should enable all
> login
> success and failures and set it up so the accout is temporarily disabled
> after so many failures.
> This discourages most hackers.  In your firewall you should set it up so
> only allowed IP's can TS in.  For IIS you can do it the same way or set up
> IP authentication. If you have set up your system correctly and enforce
> strong passwords, you should have no worries about how often or how long
> people try to hack at it.  For example you can try and FTP into my server
> until you are blue in the face but unless you are coming from an approved
> IP
> and then have the proper username and password you'll never get in.
> JK
>
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts: