Announcement

Collapse
No announcement yet.

Windwos 2000 Pro...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Windwos 2000 Pro...

    Just a quick question.

    What do you guys think about Win 2k Pro's security.


    pretty basic question..I just want to see if i dont know something that someone else knows..


    Thanks,
    Enven.
    A paranoid is someone who knows a little of what's going on.
    -
    William S. Burroughs

  • #2
    Originally posted by enven
    What do you guys think about Win 2k Pro's security.
    It sucks.

    By default it ships with services running which have a history of security issues
    It includes the default browser MSIE
    It includes the default Mail Client OutlookExpress
    It encourages (makes it substantially easier for) people to log in as administrator to use the machine for all of their needs.
    User Security is fairly weak for shared access.
    Distribution is uniform for most applications (meaning an exploit on one Windows 2000 Pro box will likely work for a large percent of the market.)
    Even MS encourages use of a Firewall (filter and networking policies) to protect services, but use of such filters decreases functionality of many services.
    And one of the most important:
    It is nearing is End-of-life-cycle after which, no new security updates will be available from Microsoft, and because it is proprietary/closed-source, any bugs which still remain are like land mines waiting to be discovered-- making a box with this OS unreliable and unsupportable in the wild.

    Of course, the default security is bad in many OS, but that is not the question.

    There is more than what is stated above, but I am too lazy to type more in this reply.

    Comment


    • #3
      Originally posted by enven
      Just a quick question.

      What do you guys think about Win 2k Pro's security.

      I just want to see if i dont know something that someone else knows..


      Thanks,
      Enven.
      "Windwos"

      Like how to spell Windows?

      Comment


      • #4
        Originally posted by TheCotMan
        It sucks.

        It is nearing is End-of-life-cycle after which, no new security updates will be available from Microsoft, and because it is proprietary/closed-source, any bugs which still remain are like land mines waiting to be discovered-- making a box with this OS unreliable and unsupportable in the wild.

        Of course, the default security is bad in many OS, but that is not the question.

        There is more than what is stated above, but I am too lazy to type more in this reply.
        Under the new guidelines, Extended support has been moved out to 2010.

        Comment


        • #5
          Originally posted by highwizard
          Under the new guidelines, Extended support has been moved out to 2010.
          Ah, I see.

          It is good to see that Microsoft has decided to make it possible to support one of their OS with security fixes for up to a decade.

          And the big differences between "Mainstream support phase" and "Extended support phase" appears to be summaraized here in a table under numbered item 3.

          Thanks for the correction. Links provided to save others from duplicating the same work.
          Last edited by TheCotMan; July 2, 2004, 09:49. Reason: escape "[" and "]" from url to make it forum happy

          Comment


          • #6
            Originally posted by TheCotMan
            Ah, I see.

            It is good to see that Microsoft has decided to make it possible to support one of their OS with security fixes for up to a decade.

            And the big differences between "Mainstream support phase" and "Extended support phase" appears to be summaraized here in a table under numbered item 3.

            Thanks for the correction. Links provided to save others from duplicating the same work.

            Yea, i was looking through some sites for vulnerabilities, etc...found most of that stuff..or of course, already knew...it just seems like Windows 2000 sucks balls...period..Thanks for the quick reply though.
            A paranoid is someone who knows a little of what's going on.
            -
            William S. Burroughs

            Comment


            • #7
              If you are talking Windows , 2k is the most secure of them with the service pack 4 installed. This doesn't mean it is secure.
              But there are a lot of things you can do yourself in order to make it better.

              I recommend you to read the book from MS press called "Microsoft Windows Security inside out for Windows XP and 2000". It has been mentioned here before under another thread. It explains in an easy way how you can adjust the settings for the server, explorer and network.
              Change to another browser than IE and disable telnetservice, messengerservice,
              and take a look on the small programs here

              http://www.grc.com/default.htm
              When people call me normal I know it's time to seek mental help

              Comment


              • #8
                Originally posted by enven
                Yea, i was looking through some sites for vulnerabilities, etc...found most of that stuff..or of course, already knew...it just seems like Windows 2000 sucks balls...period..Thanks for the quick reply though.
                One thing I will say for Windows 2000: it was the first Windows OS to at least even make a nod towards security. Group Policy is a very powerful tool in this regard, and does go quite some way towards at least locking down object and user permissions. However, I do agree that the 'everything enabled by default' approach is a joke, and contributes greatly to the problems surrounding Windows 2000 security.

                Having said that... I've seen 2000 boxes in the same colo rack as RedHat boxes not get owned while the Linux boxes are being raped senseless nine ways from Sunday, so while patching and out-of-the box options may have a lot to do with it, so do bad administrative practices. YMMV.

                Comment


                • #9
                  Originally posted by ttickzz
                  If you are talking Windows , 2k is the most secure of them with the service pack 4 installed. This doesn't mean it is secure.
                  But there are a lot of things you can do yourself in order to make it better.
                  I disagree. There is not a "most secure" operating system. A strong security administrator (NOTE, that is NOT a system administrator, they are different positions but that is a rant for another day) that understand the OS he charged with can do as good a job of 'securing" that OS as a similarly strong security administrator on a different platform. Skroo's point right here is an an example of what I am talking about:

                  Originally posted by skroo
                  Having said that... I've seen 2000 boxes in the same colo rack as RedHat boxes not get owned while the Linux boxes are being raped senseless nine ways from Sunday, so while patching and out-of-the box options may have a lot to do with it, so do bad administrative practices. YMMV.
                  perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'

                  Comment


                  • #10
                    Originally posted by skroo
                    One thing I will say for Windows 2000: it was the first Windows OS to at least even make a nod towards security. Group Policy is a very powerful tool in this regard, and does go quite some way towards at least locking down object and user permissions. However, I do agree that the 'everything enabled by default' approach is a joke, and contributes greatly to the problems surrounding Windows 2000 security.

                    Having said that... I've seen 2000 boxes in the same colo rack as RedHat boxes not get owned while the Linux boxes are being raped senseless nine ways from Sunday, so while patching and out-of-the box options may have a lot to do with it, so do bad administrative practices. YMMV.


                    Sadly i have seen the same skroo, funny yet..the final outcome is bad administrating...it is though true, there is no OS that is secure..i just wanted to hear everyones thoughts on it..maybe find or learn something new..and thankfully everyone had an opinion.

                    Thanks,
                    Enven
                    A paranoid is someone who knows a little of what's going on.
                    -
                    William S. Burroughs

                    Comment


                    • #11
                      Originally posted by skroo
                      One thing I will say for Windows 2000: it was the first Windows OS to at least even make a nod towards security. Group Policy is a very powerful tool in this regard, and does go quite some way towards at least locking down object and user permissions. However, I do agree that the 'everything enabled by default' approach is a joke, and contributes greatly to the problems surrounding Windows 2000 security.

                      Having said that... I've seen 2000 boxes in the same colo rack as RedHat boxes not get owned while the Linux boxes are being raped senseless nine ways from Sunday, so while patching and out-of-the box options may have a lot to do with it, so do bad administrative practices. YMMV.
                      just to add to that. they're only as secure as the administrator makes them. it's the responsibility of a windows 2000 administrator to apply updates and secure them before they are put into production just like any other OS.
                      and windows 2000 isn't meant for the end user. it's really meant for use in a domain and to be secured via GPO's
                      - fhqwhgads

                      Comment


                      • #12
                        Folks search google for W2K hacks, yet you can also find third party patches and solutions to avoid the hacks there as well. It is a never ending chore, and probably very boring job security.

                        Comment


                        • #13
                          Originally posted by astcell
                          Folks search google for W2K hacks, yet you can also find third party patches and solutions to avoid the hacks there as well. It is a never ending chore, and probably very boring job security.
                          if you get paid money to do it..its not that boring ;)
                          A paranoid is someone who knows a little of what's going on.
                          -
                          William S. Burroughs

                          Comment


                          • #14
                            If you get paid to do it, you stay bored longer.

                            Comment

                            Working...
                            X