f



Security check on firewall and workstations behind the firewall

Hi,

What procedures should be carried out to thoroughly check security on
a network comprised of one Windows 2000 Server running the CHX-I
packet filter from http://www.idrci.net  (and also configured to do
NAT and share an internet connection) and several Windows 2000
Professional workstations ?
It's two things that I have to analyze:
1) Security on the server itself, and
2) (In)accessibility to internal workstations from the public
Internet. E-mail and web surfing are the only Internet services -so to
say- they are allowed to do.

I would like to know what is the standard procedure to carry out such
checks, I mean, what tests should be done and what software tools
(from Microsoft or third parties) for security analysis/audit should
be used.
As an additional note, the operating system on the server and
workstations is automatically updated and Norton Antivirus (retail
version on the workstations and Corporate Edition on the server) is
installed.

Thank you.

Fernando Ronci
E-mail: fernandoronci@hotmail.com
0
1/22/2004 4:29:34 AM
comp.security.misc 4155 articles. 0 followers. Post Follow

0 Replies
1029 Views

Similar Articles

[PageSpeed] 11

Reply:

Similar Artilces:

Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005
Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- Security programs 2005 - Utimaco SafeGuard Advanced Security v4.30.0.335 Multi CD NR 17 543 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Base Module Multi CD NR 17 544 Utimaco SafeGuard Advanced Security v4.30.0.335 ...

Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005
Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- Security programs 2005 - Utimaco SafeGuard Advanced Security v4.30.0.335 Multi CD NR 17 543 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Base Module Multi CD NR 17 544 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Multi CD NR 17 545 Symantec Norton Internet Security 2005 CD NR 17 234 Symantec Client Security Corporate Edition v2.0 CD NR 15 321 Symantec Mail Security for Microsoft Exchange 4.0 CD NR 13 364 Steganos Internet Security 7 CD NR 16 968 McAfee Internet Security Suite V7.0 2005 CD NR 16 727 Security Service (c) McAfee CD NR 11 362 Symantec Norton Internet Security v3.0 For Mac OSX CD NR 12 698 Microsoft Windows XP SP2, With Advanced Security Technologies. CD NR 16 244 PANDA PLATINUM INTERNET SECURITY V8.05 SUB100 CD NR 16 096 Panda Platinum Internet SEcurity *Englsih-Spanish* 14 184 IBM Tivoli Security Manager v5.1 (c) IBM CD NR 15 750 Finjan Vital Securit...

Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005
Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- Security programs 2005 - Utimaco SafeGuard Advanced Security v4.30.0.335 Multi CD NR 17 543 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Base Module Multi CD NR 17 544 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Ser...

pgp programs 2005 -, Security programs 2005
pgp programs 2005 -, Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- pgp programs 2005 - PGP.CommandLine.for.Linux.v8.5.0 PGP.CommandLine.for.Solaris.v8.5.0 PGP.CommandLine.v8.5.0 (week 31/2004) PGP.Desktop.v8.1.for.Windows PGP.Personal.Desktop.v8.1.for.Macintosh (week 26/2004) PGP.Enterprise.v8.0.3 (week 49/20030 PGP.v8.0.3 (week 42/2003) 15/...

pgp programs 2005 -, Security programs 2005
pgp programs 2005 -, Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- pgp programs 2005 - PGP.CommandLine.for.Linux.v8.5.0 PGP.CommandLine.for.Solaris.v8.5.0 PGP.CommandLine.v8.5.0 (week 31/2004) PGP.Desktop.v8.1.for.Windows PGP.Personal.Desktop.v8.1.for.Macintosh (week 26/2004) PGP.Enterprise.v8.0.3 (week 49/20030 PGP.v8.0.3 (week 42/2003) 15/...

How secure is the security from my security form?
Hey, I have a question about how secure the following will be.... I want to have a login form that posts to itself, so when it loads it checks if there is a username and password on the query list. If there is not, it asks for one. If there is, it checks to see if the information is valid. If it is not valid, it deletes the attributes and calls itself again. If it is valid it sets a particular session variable to be some value and redirects to the next page. Every page from there on in will check to see if the session variable is set and if not will redirect back to the login page. Are ...

How secure is the security from my security form?
Hey, I have a question about how secure the following will be.... I want to have a login form that posts to itself, so when it loads it checks if there is a username and password on the query list. If there is not, it asks for one. If there is, it checks to see if the information is valid. If it is not valid, it deletes the attributes and calls itself again. If it is valid it sets a particular session variable to be some value and redirects to the next page. Every page from there on in will check to see if the session variable is set and if not will redirect back to the lo...

how secure is the security from my security form?
Hey, I have a question about how secure the following will be.... I want to have a login form that posts to itself, so when it loads it checks if there is a username and password on the query list. If there is not, it asks for one. If there is, it checks to see if the information is valid. If it is not valid, it deletes the attributes and calls itself again. If it is valid it sets a particular session variable to be some value and redirects to the next page. Every page from there on in will check to see if the session variable is set and if not will redirect back to the login page. Are ...

How secure is the security from my security form?
Hey, I have a question about how secure the following will be.... I want to have a login form that posts to itself, so when it loads it checks if there is a username and password on the query list. If there is not, it asks for one. If there is, it checks to see if the information is valid. If it is not valid, it deletes the attributes and calls itself again. If it is valid it sets a particular session variable to be some value and redirects to the next page. Every page from there on in will check to see if the session variable is set and if not will redirect back to the lo...

Security
I've been doing some investigation into a little problem with privileges. And this is what I have found. If you want to access an Informix database via ODBC and your normal login and password are restricted then set up your odbc connection with no user name and password and you can do anything. This is what I did to prove it. 1. I created a new database called security. 2. I added two tables - opentab and securetab 3. I revoked all permissions on securetab from public 4. I granted connect to public. 5. From MS-Access I set up a new database 6. I used "link-tables" to add a new odbc connection with no username or password, and to link both tables. 7. I could SELECT, INSERT, UPDATE, and DELETE from both tables. 8. I then deleted both tables from my access database. and used control panel to remove the odbc connection. 9. I then repeated steps 5-7 but with a valid username and password. 10. I couldn't access the securetab. So, using a username and password is secure but not using a username and password gives full access. Can anybody spot anything wrong in my reasoning? BTW I have done this on IDS 9.4, running on AIX 5.2, and I was running Windows XP with MS-Access 2002 SP3, and Informix-Client SDK version 2.81 regards Malcolm mweallans@panacea.co.uk wrote: > I've been doing some investigation into a little problem with > privileges. And this is what I have found. > > If you want to acces...

a secure firewall -- or is it?
Hello fellow users, I have a linux box firewalling my internet connection with the following setup: ADSL connection with dhcp offering 5 public IPv4 addresses from a large pool. devices on the net: ISP's end <-phone line-> ADSL bridge <-cat5-> linux box's eth0 <-bridged-> eth1 <-cat5-> 10/100 ethernet switch <-cat5-> 4 connected PCs. The linux bridge is using iptables and linux-2.6.0testX to drop evil packets and blocking everything below 1024. I can get an IP for the linux's br0 (the bridge virtual interface) by dhcp so I can connect to it but if I don't get any IP for the firewalling bridge, is there any way someone could compromise that host? I have physical access to the console so I can configure it locally. So I don't really need an IP for the bridge. Maybe some kind of very evil packets that confuse the TCP/IP stack so netfilter would let everything in or any ideas breaking such a firewall? Cheers, -heze ...

secure ftp upload behind a firewall
I'm trying to convert all of my ftp connections to secure ftp connections. I have a small php script that uploads a file once an hour via FTP. from my computer, i can connect to the server via secureftp, so i'm trying to do the same thing via php. i change my ftp_connect() command to ftp_ssl_connect(). The connection works, but when i try ot upload a file it says: "ftp_put(): I won't open a connection to _internal_ip_ (only to _external_ip_) in script.php on line 31" I know this is because i'm doing NAT on my network. is there a way to fix this either in PHP or via the cablemodem router? i have access to iptables on the router if need be. Thanks, ...

RMI client behind a firewall, server behind a firewall too
Hello, Browsing the web & newsgroups, it looks like this problem doesn't have any kind of easy solution, but let's see if someone knows different. I want to have a RMI client behind a firewall and a RMI server behind another firewall. I don't have any control over the firewalls. I know port 80 will be open for http traffic, but that's it. The web server on either side isn't the same as the machine running the RMI client or server. I want the client to be able to call methods on server objects and also to enable callbacks from the server to the client. What can be d...

Client behind a firewall, server behind another firewall
Hi everyone, I need some high-level help with this problem. If you can point me in the direction of the general solution, I'll be able to work out the details, I hope. I want to set up a client/server system in which the client is behind one firewall and the server is behind another firewall. I want the client to be able to contact the server, and also for the server to callback to the client. I don't have any control over the firewalls involved, although the firewall admins on both sides will know & approve of the scheme. (In other words, they're happy with thi...

SN#12252 Security Vulnerability in Check Point Firewall-1
SYSTEM NEWS FOR SUN USERS Vol 72 Issue 2 2004-02-09 Article 12252 from section "SysAdmin's Section" Hackers able to Execute Arbitrary Code with Administrative Privileges Check Point has announced a security vulnerability in the Check Point Firewall-1 that could allow a remote hacker to execute arbitrary code with administrative privileges. The exploit allows an attacker to take control of the firewall, and, in some cases, control the server it runs on. The systems affected by the security vulnerability include: - Check Point Firewall-1 NG FCS - Check Point Firewall-1 NG FP1 - Check Point Firewall-1 NG FP2 - Check Point Firewall-1 NG FP3, HF2 - Check Point Firewall-1 NG with Application Intelligence R54 - Check Point Firewall-1 NG with Application Intelligence R55 An update has been published by Check Point that modifies the error return strings used when an invalid HTTP request is detected. The update is designed to prevent attackers from exploiting several known error strings. According to the company, Check Point products are only affected by the vulnerability if the HTTP Security Servers feature is enabled. Affected sites may be able to limit their exposure to this vulnerability by disabling HTTP Security Servers or the Application Intel...

Network Security and Firewall
Hi, We have compiled some details regarding Network Security and Firewalls. http://www.irohaninfotech.com/blog -Ashu ...

Firewall security appliance
I have a number of small sites, less than 10 clients each, that I need to protect. I have been looking at a SonicWall TotalSecure 5. I have not configured SonicWall myself, are there any good tutorials or training materials available. Any other suggestions instead of SonicWall? > Any other suggestions instead of SonicWall? Yeah, one: www.zeroshell.net On Wed, 19 Sep 2007 13:40:14 GMT, "Terry" <terry@integratedpos.com> wrote: >I have a number of small sites, less than 10 clients each, that I need to >protect. I have been looking at a SonicWall TotalSecure 5. I have not >configured SonicWall myself, are there any good tutorials or training >materials available. Any other suggestions instead of SonicWall? Secure Computing Sidewinder - their 110 series is rated for 100 users. http://www.securecomputing.com/index.cfm?skey=1676 ...

linfw3
.... against all hackers and trojans! http://www.gooken.de, exkurs ...

How Secure is Windows Firewall?
http://it.slashdot.org/it/04/08/14/2146252.shtml?tid=201&tid=172 ----- Start Quotes ----- Garret writes "Though Microsoft is doing their part in protecting Windows users from internet attacks by including a firewall in their latest service pack, one has to wonder just how secure is the Windows Firewall from XP Service Pack 2? Not too good according to Flexbeta. Their recommendation is to turn off Windows Firewall and get an alternative such as ZoneAlarm or Sygate PF. Simply the fact that Windows Firewall can be turned off by another application is enough to tell me Microsoft has goofed again." PCWorld also has a story about the new firewall capability ----- End Quotes ----- The more I read and think about it, the more silly it seems to let other programs turn off the firewall. Is there, at least, a dialog that lets the user decide? If not, MS seems to be clueless when it comes to security. -- "If A = B and B = C, then A = C, except where void or prohibited by law." Roy Santoro, Psycho Proverb Zone (http://smallurl.com/?i=15235) Snit wrote: > http://it.slashdot.org/it/04/08/14/2146252.shtml?tid=201&tid=172 > > ----- Start Quotes ----- > > Garret writes "Though Microsoft is doing their part in protecting Windows > users from internet attacks by including a firewall in their latest service > pack, one has to wonder just how secure is the Windows Firewall from XP > Service Pack 2? Not too good according to Fle...

ICT firewall Security
Need a good firewall thats tailored for your needs? I suggest http://www.ultrasecure-it.co.uk/ They were very helpful to me and I'd recommend giving them a try . They even have a free trial which helped a lot. Happy surfing! 8-) ...

Securing BSD as firewall
I have a pretty technical networking question.... First, a little background info: A while back, on the advice of a co-worker, I started using a FreeBSD-based PC as a harware firewall to my cable modem. A couple days ago, I was perusing the system logs and noticed a bunch of rejected attempts to ftp into my firewall from IP addresses in France, a few in Poland, and a couple others I didn't bother to look up. Most were accompanied by a message that the login was rejected, but not all were. Question: How do I bind services to one network interface, but no...

Network Security and Firewalls
I'm looking for some more good links on network security and firewall links like http://www.distributednetworks.com/ Thanks, Tom On 15-Feb-2006, "ewebxml@gmail.com" <ewebxml@gmail.com> wrote: > I'm looking for some more good links on network security and > firewall links like > http://www.distributednetworks.com/ Have you tried www.securityfocus.com ? -- We apologize for the inconvenience On Wed, 15 Feb 2006 22:24:14 GMT, ArtDent wrote: > > On 15-Feb-2006, "ewebxml@gmail.com" <ewebxml@gmail.com> wrote: > > > I'm lo...

Secure your digital information assets with Secure Auditor Secure Windows with Secure Auditor
hey guys! If you want to identify vulnerabilities in your windows than try this new tool Secure Auditor. It does Windows scanning, auditing, password cracking, event log viewing, port scanning, Windows hardware and software inventory management etc. Download this link and make your system hacking proof. http://www.download.com/Secure-Auditor/3000-2653-10826743.html?part=dl-SecureAud&subj=uo&tag=button Just install it and see the magic. No security hole and no false positive. By the way it also audit Oracle database, MSSQL databases and Cisco Routers. ...

Secure your digital information assets with Secure Auditor. Secure Windows with Secure Auditor
hey guys If you want to identify vulnerabilities in your windows than try this new tool Secure Auditor. It does Windows scanning, auditing, password cracking, event log viewing, port scanning, Windows hardware and software inventory management etc. Download this link and make your system hacking proof. http://www.download.com/Secure-Auditor/3000-2653-10826743.html?part=dl-SecureAud&subj=uo&tag=button Just install it and see the magic. No security hole and no false positive. By the way it also audit Oracle database, MSSQL databases and Cisco Routers. ...

Web resources about - Security check on firewall and workstations behind the firewall - comp.security.misc

Workstation - Wikipedia, the free encyclopedia
This article is about the type of computer. For workstations in music production, see music workstation . For furniture, see cubicle and computer ...

Workstation - Wikipedia, the free encyclopedia
This article is about the type of computer. For workstations in music production, see music workstation . For furniture, see cubicle and computer ...

App Store - iCAS — Workstation-class scientific computing for iOS devices!
Get iCAS — Workstation-class scientific computing for iOS devices! on the App Store. See screenshots and ratings, and read customer reviews. ...

workstation - Flickr - Photo Sharing!
i tend to photograph trin from above. possibly because she is little. colour

Citrix WinFrame 1.8 upgrade from Windows NT 3.51 Workstation - YouTube
This is my recording of doing an in place upgrade of the elusive Citrix WinFrame 1.8 version of Windows NT 3.51. I was able to do an in place ...

Active workstations
Active workstations mean we can burn calories and stay active while we sit.

Active workstations
Active workstations mean we can burn calories and stay active while we sit.

Active workstations
Active workstations mean we can burn calories and stay active while we sit.

Active workstations
Active workstations mean we can burn calories and stay active while we sit.

Fusion-IO Brings Flash Madness To Workstations, And Movies Like 'Hugo'
... the founding member of the AllThingsD Flash Madness Club , last summer’s hot IPO , said today it is bringing its flash technology to workstations. ...

Resources last updated: 3/10/2016 11:33:05 AM