Do we really need a firewall?
We're not convinced that a firewall is necessary. Our current setup is Windows 2000, Service Pack 1, running Active Directory. Network Address Translation is enabled, and NetBIOS is shut off on the network interface card facing the Internet. All the shares are hidden (sharname$), and all the shares having "everyone" in the ACL is removed. With this setup, we assume a firewall is not necessary. The reasons include: 1) Win 2000 with Active Directory and the policy set correctly means no one can see any shares unless they are authenticated; 2) NetBIOS isn't enabled, hence the service can't be taken advantage of; 3) all shares are hidden, and logon scripts map to them, and 4) only certain authorized users have rights to the shares.
Relying on Win 2000 Active Directory's protection of the policy data may be safe, despite its reliance on DNS. I'd direct you to the SANS Windows Security Digest Archive for current information about Win 2000 security at www.sans.org/newlook/digests/ntdigest.htm. You can e-mail digest@sans.org with the subject "Windows Security Digest" to get your free subscription. I recommend securing the servers and the network perimeter. There's so much more to the possibilities of TCP/IP networking than one security mechanism can manage. Vigilance is the key, along with traffic monitoring, analysis and control capabilities.
» posted by ITworld staff
Network World
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
Crimeware: Understanding New Attacks and Defenses
By Markus Jakobsson, Zulfikar Ramzan
Published Apr 6, 2008 by Addison-Wesley Professional. Part of the Symantec Press series.
Enter now! | Official rules | Sample chapter
Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
By Peter Thermos, Ari Takanen
Published Aug 1, 2007 by Addison-Wesley Professional.
Enter now! | Official rules | Sample chapter
