TechGenix and SolarWinds have partnered to provide a fully-functional, free 21-day trial version of SolarWinds ipMonitor, the WindowsNetworking.com Readers' Choice Award Winner for monitoring applications, servers, and network devices to all visitors who join Security Forums. Sign up to Security Forums and get your copy today! Existing members can pick up a copy from the Members Area.
| View previous topic :: View next topic |
| Author |
Message |
ShaolinTiger
Forum Fanatic
Joined: 18 Apr 2002
Posts: 2767
Location: Kuala Lumpur, Malaysia
|
|
| Back to top |
|
 |
haydies
Regular Member
Joined: 19 Apr 2002
Posts: 53
Location: Hades
|
 Posted: Tue Apr 23, 2002 1:11 pm Post subject: |
 |
|
You will be famous one day at this rate....
Don't forget you know me ok?
_________________
Haydies
There is a fine line between genius and insanity.
http://www.netfriends-reunited.com
|
|
| Back to top |
|
|
chris
SF Staff
Joined: 18 Apr 2002
Posts: 846
Location: ~/security-forums
|
| Posted: Tue Apr 23, 2002 5:44 pm Post subject: |
|
|
Reduce the size of the text file so peeps with 1024x768 can read it 
Or make it out of ascii, so we have to use shell / nfo viewer to read it
|
|
| Back to top |
|
|
ShaolinTiger
Forum Fanatic
Joined: 18 Apr 2002
Posts: 2767
Location: Kuala Lumpur, Malaysia
|
| Posted: Tue Apr 23, 2002 5:53 pm Post subject: |
|
|
The text is fixed width, did it in textpad not notepad.
Open it in nfoviewer, fits in the standard sized window nicely.
Hoping to be famous, and rich....and not hax0red by BRasCO LOL
_________________
Share your knowledge, it's a
way to achieve Immortality.
Quit Smoking - Darknet Hacking
Kung-Fu Geekery
|
|
| Back to top |
|
|
CHeeKY
Frequent Member
Joined: 13 Feb 2003
Posts: 231
|
| Posted: Thu Feb 13, 2003 5:22 pm Post subject: |
|
|
you mentioned nothing on shares etc m8? one of the biggest hacking things going...nice tut all round though
here's mine I did for my own board , hope it help a few..
Right about time I did this, here is how to set up a windows system and keep it hacker free, remeber your own worst enemy is yourself, so keep yourself educated on latest things (www.securityfocus.com)
rights lets start. Many might have idea or differences to what I write, this aint a right way to do it, just my way and sharing my thoughts, given where I work I hope its recieved well.
There are two types of installs for the average users, one with single conn to Internet and More than one machine through Internet sharing, yes I know there is winroute etc, but like stated just giving my thoughts on these.
Single Conn Machines.
Biggest hacking threats on the NET come through NETBIOS and IPC$, these are by default added and included on all NET Conns the latter being one of your default shares (will discuss this later)
A simple setup should be:
1. Install Opsys - Always NTFS
2. Install Antivirus (Norton Professional 2003 - Personal Choice)
3. Install Firewall (personal Choice Sygate, but they all crap from desktop end, (get low cost linux seperate box if you can/ or run Checkpoint like I do  )
4. Connect and update all fixes for opsys and updates for firewall and Antivirus
5. Creat New login ID, Copy profile and set complex password for Admin Account, login with new Account.
6. Disbale all Guest info etc, Computer Management.
7. Download Microsoft Security Analyser and run.
8. Open regedit goto HKEY LOCAL MACHINE\SYSTEM\Current ControlSet001\control\LSA - and set RestrictAnonymous to 2
9. Install Pestpatrol or Ad-Aware
10 Goto Services and Stop and Disable the Server Service - This stops all netbios traffic, this is not needed on a single conn box
11. when conn is connected, right click and select properties go Networking, and untick File and Print Sharing, and then double click IP and goto Adv, then WINS tab and untick enable netbios over TCP/IP and unlick LMHOSTS LOOKUP ( you may need this for gaming, pls check.
12. Run Microsoft Analyser again and follow up issues stated.
13. Get someone to test you, use online tools like www.norton.com (security test)(www.blackcode.com)(www.hackerwhacker.com)
14. ALWAYS CHECK WHAT YOU ARE INSTALLING!
15. Do regular dos checks when system has just booted up and nothing is live, goto start,run, cmd, type netstat -an that shows live info on what ports and what ips you are connected too, this can help for trojans, Again anything weird post up in ehre, or do port searches to get more info.
15. Using Norton Professional 2003, you a nice thing for your recycle Bin, which wipes protect files, EG, all that are in Recycled bin, even when you have emtpied it, get eraser if needed.
16. Dont have 1 big Partition, split tme up, useful in rebuild situations
17. Check permissions on drives, right click drive select properties, and security, remove everyone group and Add yourself and Administrators only.
18. Block Port 135, latest hacking going through there, to do with windows messaging.
19. goto Local Security Policies and goto Action Import - MS systems have many security pre made policies that help you lock down, choose from HISECWS or SECUREWS get to know these as they are important and can help you define your own policies for your system.
20 ALWAYS DO REGULAR BACKUPS powerquest backup 2002 does the trick, dont get caught short, you are the only one that suffers
That should do ya for starters, like said all my info is from the field and supporting the largest MS Domain structure in the world
For ICS users, be more vigliant, have a firewall on each ICS, and in Syagte that lets you watch what is going through LSASS.exe which is massively used in ICS, so from ym view point control is always better. Regulary check and trojan scan and clean your system,
On ICS server Service will need to be installed, so I create a batch file, that on loadup deletes all default shares, remeber each drive has a default share!!!!!
net share C$ /delete
net share D$ /delete
for example
remeber to include ADMIN$ (winnt dir) and IPC$(Internet default service)
Again dont forget NETSTAT and if in doubt ask in here.
Hope this has helped, this is just for starters , will do a safe browsing for windows tut soon
|
|
| Back to top |
|
|
mr_who
New Member
Joined: 14 Apr 2003
Posts: 42
|
|
| Back to top |
|
|
topless
Just Arrived
Joined: 11 Oct 2004
Posts: 5
|
| Posted: Tue Oct 19, 2004 6:24 am Post subject: Re: Windows 2000 Security |
|
|
I believe this tool basically does the same as the article describes, but automatically: http://www.stoplistening.com/
|
|
| Back to top |
|
|
DRVTACH
Just Arrived
Joined: 13 Apr 2006
Posts: 1
|
| Posted: Fri Apr 14, 2006 12:06 am Post subject: Port 135 and Online Banking |
|
|
Hi ALL,
RE: 18. Block Port 135, latest hacking going through there, to do with windows messaging.
Most Online Banking Sites Use Port 135, I have sent 100s of emails But they must be using it for what they believe is security.
So What I do is Use "DCOMbobulator" a whooping 29kb utility by Steve Gibson
Here: http://www.grc.com/dcom/intro.htm
It sits on my desktop as it need no installation. I can turn on port 135 when I need to do my Banking. Cool.
OH check out WIZMO while your there, It have many uses because it uses
Simple "linear" programming:Since Wizmo's commands are executed one at a time, it's possible to create simple scripts on the command line.
Great Post CHeeKY
Ya All Have a Great Day BILL
|
|
| Back to top |
|
|
|
