> > Unfortunatly, one of the systems I have to support is a Windoze/NT
> > (allegedly) Advanced Server system (no, I am not an NT or M$ fan and you
> > can flame me in private email, if you dare). This box has to be
> > accessible to the net along side a Sun box.
> >
> > 1) Has anyone done this?
> > 2) What are the internet security concerns when it comes to NT?
> > 3) They (I take no responsibility for this decision) want this thing
> > set up on the "friendly" side of the firewall (friendly in that I
> > haven't kicked it in its side, yet! :-). What are the issues in
> > setting up a firewall in front of an NT box?
>
> 1. Don't use the FTP server unless you really have to. It is kind of
> tricky to make it completely secure.
>
> 2. Block 137/udp and 139/tcp -- these are the NetBIOS IP ports (file
> sharing, printer sharing, etc...).
>
> These are two I can think of off the top of my head. . .
You guys also might want to check out the action at Blue Ridge
Software. Word has it that they are very close to a C2 ticket from
NCSC for their version of TNT (Trusted NT).
rmck
|
|
