RE: [inbox] Re: CyberInsecurity: The cost ofMon opoly

["Randal, Phil" <prandal () herefordshire gov uk>]

Steve Wray [mailto:steve.wray () paradise net nz] wrote:

> Unix style OS's typically have configuration of important security
> related features, like eg firewalling, in text files.
> Unix style OS's also provide a plethora of tools for manipulating
> text files in scripts.
> I wish I knew how to use cygwin's sed, grep et al to manipulate the
> windows registry...

It's amazing what you can do in Windows with free software and batch
scripts.  The essential tools in my arsenal are sysinternals.com's PSTools
(http://www.sysinternals.com/ntw2k/freeware/pstools.shtml) and Ruud van
Velsen's KiXtart (http://www.kixtart.org).  KiXtart makes scripting registry
changes easy, and with PSExec I can remotely execute KiXtart scripts under
whatever credentials I want.  Pushing out Microsoft's latest RPC patch this
way was easy.  What's not so easy is catching those PCs whose presence on
the network is transient - laptop and dial-in users.  These of course are
the weakest links in the security chain anyway, alas.

Cheers,

Phil

---------------------------------------------
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html