Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] FW-1 SPs

To: "Thornton, Richard" <[email protected]>
Subject: Re: [FW1] FW-1 SPs
From: Jason Costomiris <[email protected]>
Date: Thu, 7 Dec 2000 10:14:39 -0500
Cc: "Firewall-1 Mailing List (E-mail)" <[email protected]>
In-reply-to: <3921657A375FD411BCED00508B5ECA018F065A@wizzle.isd.csa.scot.nhs.uk>; from [email protected] on Thu, Dec 07, 2000 at 02:23:24PM -0000
References: <3921657A375FD411BCED00508B5ECA018F065A@wizzle.isd.csa.scot.nhs.uk>
Sender: [email protected]
User-agent: Mutt/1.2i

On Thu, Dec 07, 2000 at 02:23:24PM -0000, Thornton, Richard wrote:
: I was wondering if anyone knew of the availability of Service Pack 7 for NT,
: reason being I want to install a firewall-1 server based on NT but am
: worried at the amount of hotfixes that may need to be applied to a sp6a
: machine to make it secure.

Just apply SP6a, and then be *smart* about what you leave running on the
machine.  MCSE's cringe when I tell what you should remove, but the box
will continue to run just fine && dandy.  Don't listen to them when they
say the box won't work right any longer.  This is a firewall we're talking
about, not a file server - you don't care if the FW shows up in the
Network Neighborhood.

1) Get into the Network Properties, go to the Services tab and remove
everything except for (optionally) SNMP.  If you don't care if the FW-1
Monitor application works or not, remove that too.  The services you want
gone are:

Netbios Interface
Workstation
Server
RPC Configuration
Computer Browser

2) In Control Panel -> Devices, kill the WINS Client (disable)

3) In Control Panel -> Services, kill the TCP/IP Netbios helper (disable)

Now, when you go into network properties, you will get a message that says
"Windows NT Networking is not installed, would you like to install it?"
You should ALWAYS answer "No."

Why would you do this?  Most of the vulnerabilities for NT are either
NetBIOS related, or related to some other service that you don't need to run
a firewall.  If those services aren't there, you can't exploit them, right?

-- 
Jason Costomiris <><           |  Technologist, geek, human.
jcostom {at} jasons {dot} org  |  http://www.jasons.org/ 
          Quidquid latine dictum sit, altum viditur.


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] FW-1 SPs
  - From: "Thornton, Richard" <[email protected]>

Prev by Date: RE: [FW1] License question
Next by Date: Re: [FW1] users
Previous by thread: [FW1] FW-1 SPs
Next by thread: [FW1] motif in cp.macro
Index(es):
- Date
- Thread