[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost ofMon opoly

To: "'Steve Wray'" <steve.wray@xxxxxxxxxxxxxxx>
Subject: RE: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost ofMon opoly
From: "Randal, Phil" <prandal@xxxxxxxxxxxxxxxxxxxx>
Date: Tue, 30 Sep 2003 10:38:40 +0100

Steve Wray [mailto:steve.wray@xxxxxxxxxxxxxxx] wrote:

> Unix style OS's typically have configuration of important security
> related features, like eg firewalling, in text files.
> Unix style OS's also provide a plethora of tools for manipulating
> text files in scripts.
> I wish I knew how to use cygwin's sed, grep et al to manipulate the
> windows registry...

It's amazing what you can do in Windows with free software and batch
scripts.  The essential tools in my arsenal are sysinternals.com's PSTools
(http://www.sysinternals.com/ntw2k/freeware/pstools.shtml) and Ruud van
Velsen's KiXtart (http://www.kixtart.org).  KiXtart makes scripting registry
changes easy, and with PSExec I can remotely execute KiXtart scripts under
whatever credentials I want.  Pushing out Microsoft's latest RPC patch this
way was easy.  What's not so easy is catching those PCs whose presence on
the network is transient - laptop and dial-in users.  These of course are
the weakest links in the security chain anyway, alas.

Cheers,

Phil

---------------------------------------------
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] [TURBOLINUX SECURITY INFO] 30/Sep/2003
Next by Date: RE: [Full-Disclosure] Re: Pudent default security - Was: CyberInsecurity: The cost of Monopoly
Previous by thread: [Full-Disclosure] [TURBOLINUX SECURITY INFO] 30/Sep/2003
Next by thread: [Full-Disclosure] [RHSA-2003:291-01] Updated OpenSSL packages fix vulnerabilities
Index(es):
- Date
- Thread