Security Basics mailing list archives
Re: Locking down workstation
From: "Chris Berry" <compjma () hotmail com>
Date: Tue, 10 Jun 2003 16:11:54 -0700
From: "Mada Dulate" <madadulate () hotmail com>I've learned a lot from this list (thank you) but I've tried to lurk a bit, expected this issue to come up before I posted. Time's up.
Usually a good idea on a new list.
Firewalls are certainly a good practice, hopefully getting better, but if I'm really concerned with security and as a responsible netizen looking to stem the spread of disease, don't I want to do the best I can to close up unused ports and services on every destop in my network.
Well, yes, and no. It's important to implement a security plan that falls within your maintenance capabilities. Host based lockdown can be an important component, but you have to be careful not to overcommit yourself.
I admit I don't really know the implications of this from an administrator's point of view, and I don't know how to audit this, but the reading I've stumbled on is very directed at server strategy.
That's because servers are the prime targets, workstations are usually just taken down by collateral damage.
Chris Berry compjma () hotmail com Systems Administrator JM Associates "Gold is for the mistress - silver for the maid Copper for the craftsman cunning in his trade. "Good!" said the Baron, sitting in his hall But steel - cold steel is master of them all." -- Rudyard Kipling _________________________________________________________________STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
--------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare.Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Current thread:
- RE: Scanner Software Question, (continued)
- RE: Scanner Software Question Marc Maiffret (Jun 11)
- RE: Scanner Software Question Louie (Jun 12)
- Re: Scanner Software Question compguruman (Jun 17)
- RE: Scanner Software Question security (Jun 17)
- RE: Scanner Software Question James L. Harrison (Jun 17)
- RE: Scanner Software Question Marc Maiffret (Jun 11)
- RE: Locking down workstation Des Ward (Jun 11)
- Re: Locking down workstation James (Jun 11)
- RE: Locking down workstation dave (Jun 11)
- Re: Locking down workstation Dana Epp (Jun 11)
- Re: Locking down workstation Brad Mills (Jun 11)
- Re: Locking down workstation Chris Berry (Jun 11)
- RE: Locking down workstation Thomas F Parham (Jun 11)
- RE: Locking down workstation David Gillett (Jun 11)
- Re: Locking down workstation Paul Pepper (Jun 11)