-Weidner
*Sent:* 05 March 2006 08:35
*To:* ActiveDir@mail.activedir.org
mailto:ActiveDir@mail.activedir.org
*Subject:* RE: [ActiveDir] How Secure is a Domain Controller?
I've written down some related thoughts once:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2004/10
I'm really interested to see how this pans out.
Date: Sun, 30 Apr 2006 12:33:45 -0400 From: [EMAIL PROTECTED] To:
ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] How Secure is a Domain
Controller? The answer to that last isn't terribly difficult. Just ask
yourself what
: [ActiveDir] How Secure is a Domain Controller? Date: Sun, 30 Apr 2006 11:44:55 -0500 Thishasbeenmakingtheroundsasoflate,soIamnotsureifithasbeenpostedhere: SecurityMythsandPasswordsbyProf.Spafford andsomethingfrom2002: TenWindowsPasswordMyths Now...whereIam
]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA
aka Ebitz - SBS Rocks [MVP]
Sent: Monday, April 03, 2006 10:06 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Sorry one more thing.. in a Center for Internet Security project to set
Baseline
:* RE: [ActiveDir] How Secure is a Domain Controller?I've written down some related thoughts once:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2004/10/24/16568.aspx Gruesse - Sincerely,
Ulf B. Simon-Weidner MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz Weblog:
http
2006 08:35
*To:* ActiveDir@mail.activedir.org
mailto:ActiveDir@mail.activedir.org
*Subject:* RE: [ActiveDir] How Secure is a Domain Controller?
I've written down some related thoughts once:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2004/10/24/16568.aspx
Ebitz - SBS Rocks [MVP]
Sent: Monday, April 03, 2006 9:06 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Sorry one more thing.. in a Center for Internet Security project to set
Baseline Operational Security Standards for protecting sensititive data
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Myrick, Todd (NIH/CC/DNA) [E] wrote:
Okay for you Susan, I will modify my statement... Add IPsec filter that
only allows http traffic to update.microsoft.com. Also, in the future MS
will probably bake
]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Lilianstrom
Sent: Tuesday, March 07, 2006 8:18 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Myrick, Todd (NIH/CC/DNA) [E] wrote:
Okay for you Susan, I will modify my statement... Add IPsec filter
] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz -
SBS
Rocks [MVP]
Sent: Sunday, April 02, 2006 4:49 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Good thing you don't work at my office.
No Kung Pao Chicken has ever been
: RE: [ActiveDir] How Secure is a Domain Controller?
I know SBS and Datacenter are mutually exclusive, but, being able to talk on
the phone and hear the other party while in a datacenter are also mutually
exclusive.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
-Original
PROTECTED]
Sent: Mon 3/6/2006 2:27 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Question?
On a DC ...why do you need anti spyware?
If spyware enters via web browsing and email...and IE should never be
used/launched on a DC... why do you need
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
[mailto:[EMAIL PROTECTED]
Sent: Mon 3/6/2006 2:27 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Question?
On a DC ...why do you need anti spyware?
If spyware
:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] How Secure is a
Domain Controller?
I've written down some related thoughts
once:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2004/10/24/16568.aspx
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps&qu
as to
be using 7 character passwords you are still very
insecure.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]Sent: Monday, March 06, 2006 2:25
AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir]
How Secure is a Domain Controller?
The use of 20 char
@mail.activedir.orgSubject: RE: [ActiveDir] How Secure is a
Domain Controller?
Based on the subject of this discussion: if you have those
regular users, who can't comprehend or remember a password over 7 characters,
signing on to your domain controllers I would say that your domain controllers
AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir]
How Secure is a Domain Controller?
You mis-understand :)
Ulf was suggesting that in order to protect the AD data on
a poorly protected DC, that strong passwords should be used that are harder to
crack.
In the event that the disks were
, March 06, 2006 9:52
AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir]
How Secure is a Domain Controller?
You mis-understand :)
Ulf was suggesting that in order to protect the AD data on
a poorly protected DC, that strong passwords should be used that are harder to
crack.
In the event
, March 06, 2006 11:23
AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] How
Secure is a Domain Controller?
I understand/stood what you were saying,
just was hoping to bring out a clearer answer for some of the lurker/newbies on
the list (of which there are many). And you provided
9:25
AMTo: ActiveDir@mail.activedir.orgSubject: RE:
[ActiveDir] How Secure is a Domain Controller?
The use of 20 char passwords caught my
eye.
In previous discussions with MS et al, it was suggested
that the majority of users would simply repeat a (at most ( 7 char password n
times, so as
*From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
*Sent:* Monday, March 06, 2006 11:23 AM
*To:* ActiveDir@mail.activedir.org
*Subject:* RE: [ActiveDir] How Secure is a Domain Controller?
I understand/stood what you were saying, just was hoping to bring out
a clearer answer
.
Todd
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [mailto:[EMAIL PROTECTED]
Sent: Mon 3/6/2006 2:27 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Question?
On a DC ...why do you need anti spyware
I've written down some related thoughts
once:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2004/10/24/16568.aspx
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website:
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] How Secure
is a Domain Controller?
I've written down some related thoughts
once:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2004/10/24/16568.aspx
Gruesse
- Sincerely,
Ulf
B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http
I always find locking the server in a box with the network
cable pulled out makes it most secure (as long as I don't lose my
keys)...
;)
themolk.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
EdwinSent: Sunday, 5 March 2006 1:17 PMTo:
Secure from what? Pick your risks and then make an
assessment based on that. I have personally found that a fully patched Domain
Controller is not secure from Denial of Service Attacks that involve
alarge truckrunning the DC over. May sound extreme but only you can
really start to guess
Boy that's an open question isn't it?
Books and white papers have been written on this issue alone.
I'd recommend that you grab the Threats and Countermeasures guide and
look at the Security Configuration Wizard.
See:
http://www.cisecurity.org/tools2/win2000/CIS_Win2003_DC_Benchmark_v1.2.pdf
Happy reading.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCT
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried
]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA
aka Ebitz - SBS Rocks [MVP]
Sent: Sunday, 5 March 2006 4:55 p.m.
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How Secure is a Domain Controller?
Boy that's an open question isn't it?
Books and white papers have been written
29 matches
Mail list logo