Wednesday, November 16, 2005

Securing Windows..

Windows Windows Windows.. 95, 98, mE, NT, 2000, XP, 2003, and upcoming, Vista and Longhorn. Up until Window 2003, did our good ol' MS have this serious flaw with Windows Operating System, especially when it comes to preventing unauthorized access.

Speaking of unauthorized access. If you're on the network and you know your colleagues TCP/IP, a simple \\xxx.xxx.xxx.xxx\c$ at RUN actually gives you access to his PC? So maybe 2000 onwards the OS will probably prompt you for authentication, i.e. a username and Password, but even with that it can be bypassed.

In Every Windows OS, there is an account called "RESTRICTED". Did you know......


C:\> net use \\xxx.xxx.xxx.xxx\ipc$ " " /user:" "


AND the use of a pretty easyly obtainable application called Dumpacl, you can actually hack into a windows PC, and recovering every password and username that exists on the box? Pretty scary huh? An unpatched webserver will most probably fall pray to this since it's published on the WWW with a public IP which is easily accessible by anyone, and everyone.

Can i prevent this?

Yessirreee boys and girls, you can! Maybe you should try doing this to prevent the above mentioned ever happening:

Go to Run > REGEDIT

HKLM/SYSTEM/CurrentControlSet/Control/LSA

Change the parameter : "restrictanonymous" and set the value to 2 (by default, the value should be 0)

Do take note, for Windows 2000/XP the value should be changed to 2, and for Windows NT the value should be changed to 1.

Most important of all, always remember to patch your OS with the latest security updates and at the same time, don't forget to update that darn antivirus and spyware while you're at it!

8 Comments:

Blogger shawnchin said...

If it's so easy to exploit, yet so easy to fix, why doesn't Microsoft fix it so that it's secure out of the box?

8:14 AM  
Blogger cancelthisacct said...

Perhaps Microsoft is lagging here. When revenues comes into mind, they couldn't care much about the holes they left. All they care about is $$$. Fixes later.

12:02 PM  
Blogger TechTalks said...

Shawnchin: I guess it's MS twisted way of driving you up the wall. Bet ol' Bill is laughing his arse off while the millions of us are paying for enhancements, enhancements, enhancements..

Yup, callmejt: Pay first fix later. For ever revising their freaking licensing scheme which turns to what? More money from consumer. What a bitch man... And you're right about that.. FIXES, LATER =)

1:58 PM  
Blogger shawnchin said...

well, at least MCSE's out there got work to do. If everything is secure out of the box, everyone else har to cari mana ;)

8:02 PM  
Blogger TechTalks said...

Betul sekali! Bugs and vunerability provides "Peluang Pekerjaan" hahaha

6:09 PM  
Blogger cancelthisacct said...

Those MCSE MCSA MPPJ MPK DBKL course ain't cheap I tell u! Cost a bomb!

7:18 PM  
Blogger shawnchin said...

Just realised my massive typo above:

"everyone else har to cari mana"
= "everyone else hard to cari makan"

*crawling back to my hole*

6:18 PM  
Blogger TechTalks said...

callmejt: Expensive is the WORD bro.. Im taking OCP now and i think it costs something like RM10k. Hehe Lucky me, company funded cos no way in hell i can afford that kinda money!

shawn: All's cool bro, typo-shmypo.. haha i was actually trying to figure out what was it "Har to cari mana" meant.. =)

Cherios!

10:46 AM  

Post a Comment

<< Home