Testing Security

[equuelus]

Greetings..

I have already set up my own servers and everything.. now how could i test my system... making sure that it is secure enough from hackers... my friend advised me to try and hack to my own system.. that is the best way to see whether my system is secured or not.. but how?

my system is running win2k.... could anyone give me details on how to test my system and making it even more secured..

thanks in advance.

[JoshT]

The biggest thing would to be to make sure Netbios isn't enabled / accessible from the internet. It's primarily TCP port 139, plus 135-139 TCP and UDP, plus I think another higher number port for Win2000. Make sure you've applied any applicable IIS patches to prevent access of ASP source code. Win2000 is supposedly more secure than NT, but the "Hacking Exposed" still has a whole chapter on 2000, but I've only read through the chapter on NT so far...

Josh

[Brandito]

Yeah... I agree, make sure you have installed all of the packages for the IIS server.

Also check to make sure your STMP mail server is secure. There are usually alot of problems with it that will crash your system.

Setup a Proxy... and also set up a good Firewall! The firewall is the key to your system's security. I have not used it... but I think Black Ice Defender would be great!

Once you have done all of that you can try to hack your own system (or have some one else do it for you). Since you have pimped up your security with all of the stuff above you might want to go to a hacker/security site and see if there has been any known exploits found in the last month or so.

Other than that,
Keep it real...

Brandito

[equuelus]

Firstly, thanks JoshT and Brandito for replying.

JoshT, you said disabling NetBios? but how. Do I have to restart and press del to go to the netbios setup page and then disabling it? or there is a much simpler way to do that?..

and brandito, you mentioned about making sure my smtp server safe and secure.. how? is it by disabling that service too?..

thanks.

[Brandito]

It can be. What ever you don't NEED... be safe and dissable them. That includes stuff like STMP, FTP, and any other server you might be running but not using.

If you are going to use them... just make sure that you install all of the updates for them when they are released.

Trust me though, I doubt some one will want to hack your box. A simple firewall like B.I.D. will get you as far as you need.

L8r,
Brandito

[JoshT]

Depending on the needs on your network, you could block access to the Netbios ports at your perimeter routers. If it's a stand-alone server, not on a Windows network, you probably do not need Netbios at all. I believe Win2000 should make it easy to remove/disable. I have more experience with NT Server than 200o Server, though. I guess just try to get at your computer through TCP port 139 from a computer that shouldn't be that priviledged.

AS far as BID, I've put it on NT Servers running Proxy 2.0 and it seems to work fine. However, it does not work well on Domain Controllers. And I don't think Network Ice supports BID on servers.

Josh

[Piz Bruin]

There are some good utilties to test your security at:

http://www.grc.com

I'm "Full Stealth"......