Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Win2k / XP security?

Options
  • 09-05-2003 12:21am
    #1
    Synkro
    Registered Users Posts: 118 ✭✭


    Hey,

    i was wondering... just how safe/secure is win2k/XP? Im mean u have shared folders, with permissions... ie.. specific user names/pwds. but is that the 'be all and end all'?

    Ive heard about netbios threats, and the possibility to 'view' a list of the shared dirs and maybe files available on a machine... but not access them?

    My question is this.. What exactly is the necessity for a firewall? if window shares are secure, what other threats are out there?


    Thanks in advance

    Adrian

    please excuse the naivety ;)


Comments

  • Options
    #2
    zz03
    Closed Accounts Posts: 255 ✭✭zz03


    I’ve been going through a similar thought process for the past year or so.

    I don’t really trust Win2K. Aside from all we read about vulnerabilities and the mountain of “windowsupdates” one downloads etc. There is little consistency. One updates it or installs a SP and some security issues seem to go backwards – revealing new problems – or old problems that were fixed in the past become unfixed. Or one enters a particular setting and presses OK and when one re-boots the system the setting has been unselected again for some reason.

    If you are paying a security guard to keep a place secure, instructing him to keep door X locked at all times and when you make a surprise check find the door unlocked on several occasions – do you trust the individual or company who employs him? Ever again? Security is primarily the responsibility of the operating system. Yet windows 2000 has no in built firewall and many of the software firewalls on the market cause lots of problems (understatement!) when installed on this platform – even if they claim to be compatible.

    Windows XP seems to be even flakier in certain respects. I’m told, for example, that you can “break into” an XP system if you have the Windows 2000 Operating System CD – without knowledge of the XP’s passwords. While this isn’t a broadband risk (afaik) it is another reason to “fire” or not trust the “security guard”.

    Microsoft Passport (which contains personal info on some 170 million people) was vulnerable to a hack until last week. What other door has this company left open, yet to be discovered?

    If you have a firewall (ideally one in a box running outside the windows system) you can cut down rights of access to your system / network to the minimum by closing all unneeded ports and having the system monitor what’s coming in and going out (eg you click on site X’s url and the firewall only allows incoming traffic from that site).

    Good security is like an onion - ie it has several layers. You don't just lock the gate into your garden - you lock the front door and the windows as well. If you have something valuable you don't leave it on the hall table - even though the front door is locked.

    I have installed Windows 2003 Server on an old laptop for testing purposes. It is the first OS from MS that seems to have had any mature quality control. Time will tell as it becomes more exposed to the real world. At least so far it “does what it says on the box” unlike other products from the same stable.

    zz..


Advertisement