Re: RWW using external domain name
From: IBC (spamityspam_at_spam.spam)
Date: 02/10/05
- Next message: Mike-in-Houston: "Re: Connectivity to remote computer could not be stablished"
- Previous message: Jeff Kushen, MCSE: "Windows Media Services"
- In reply to: SuperGumby [SBS MVP]: "Re: RWW using external domain name"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 10 Feb 2005 09:45:24 -0600
I agree with you in context, but I'd more equate it to this:
1,000's of people leave their doors unlocked on their house every day when
they leave. This is a bad practice to begin with, but it's lessened by the
fact that they don't hang advertising over the door saying "C'mon in!".
Anybody who took the time to check the door could walk right in at anytime,
but MOST people don't waltz randomly from house to house checking doors,
they go for the obvious targets.
If you KNOW your machine isn't secure, I absolutely agree that you have no
business putting it out on the 'net. The point I was making is that you may
think your setup is secure and there are no backdoors only until Microsoft
releases the next set of patches. At that point you learn about an exploit
you previously knew nothing about, but I bet the hackers did. More
specifically, if a sudden hack were to come out for RWW on SBS, a simple
search of the groups will give the hacker all the info he needs without
having to port scan the whole internet looking for a new toy.
I may have overstated it by using "phenomenally", but my point was simple
that I didn't think giving anybody anymore information than absolutely
necessary about your network is a wise idea. I'm still the newbie here even
after a few years, you have far more experience so I defer to your higher
BTDT score. It just seemed like a bad idea in general, regardless of proper
security.
"SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
news:ezdoCnwDFHA.1408@TK2MSFTNGP10.phx.gbl...
> is it really that bad?
>
> The site/server are available on the internet whether anyone posts a link
to
> it or not.
>
> Matter of fact, if you don't have ISA anyone hitting your
SBS_IP_address:80
> (which for most people is revealed in every post) will get the same
result.
>
> _-*YES*-_ If you think you may have a security problem with your SBS
related
> sites obfuscation is highly desirable.
> HMMMM, I just noticed that that statement has a logical flaw.
> _-*UNLESS*-_ you are _-*CERTAIN*-_ there are no security problems with
> access to your site you should make _-*ZERO*-_ information available
> publicly.
>
> If best practices are applied (two NIC + router minimum, ISA desirable)
most
> associated problems just plain don't exist.
>
> "IBC" <spamityspam@spam.spam> wrote in message
> news:u9O0PFvDFHA.464@TK2MSFTNGP15.phx.gbl...
> > I'm not the sharpest knife in the drawer, but isn't posting a link to
your
> > actual server a phenomenally bad idea?
> >
> > I'm sure 'if properly secured' its no big shakes, but who knows what the
> > kids will find tomorrow and how long it will take Microsoft to fix it.
I'd
> > personally use a mock name and if you need somebody to actually test it
> > contact them directly.
> >
> > JM2C
> >
> >
> >
> > "Cris Hanna [SBS-MVP]"
<crisnospamhanna@computingnospampossibilities.net>
> > wrote in message news:eXH7htuDFHA.2508@TK2MSFTNGP09.phx.gbl...
> >> the correct url for RWW would be
> >> http://esserver.esms-homemed.com/remote
> >>
> >>
> >> --
> >> Cris Hanna [SBS - MVP]
> >> ---------------------------------------
> >> Please reply only to the newsgroup and not to me directly so that
> >> everyone
> >> can benefit from the information
> >> "GBWarren" <GBWarren@discussions.microsoft.com> wrote in message
> >> news:648D1804-90A2-413D-A1D8-1A8F8BC100A9@microsoft.com...
> >> >I can access RWW using the ip address of my external nic. When I try
to
> >> > access via http://esserver.esms-homemed.com it will not access
telling
> > me
> >> > "Host cannot be found". Here are the results of ipconfig /all.
> >> >
> >> >
> >> > Microsoft Windows [Version 5.2.3790]
> >> > (C) Copyright 1985-2003 Microsoft Corp.
> >> >
> >> > C:\Documents and Settings\Administrator>ipconfig /all
> >> >
> >> > Windows IP Configuration
> >> >
> >> > Host Name . . . . . . . . . . . . : esserver
> >> > Primary Dns Suffix . . . . . . . : esms-homemed.local
> >> > Node Type . . . . . . . . . . . . : Unknown
> >> > IP Routing Enabled. . . . . . . . : Yes
> >> > WINS Proxy Enabled. . . . . . . . : Yes
> >> > DNS Suffix Search List. . . . . . : esms-homemed.local
> >> > hsd1.pa.comcast.net.
> >> >
> >> > Ethernet adapter Network Connection:
> >> >
> >> > Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
> >> > Description . . . . . . . . . . . : Linksys LNE100TX Fast Ethernet
> >> > Adapter(LN
> >> > E100TX v4)
> >> > Physical Address. . . . . . . . . : 00-0C-41-1E-29-04
> >> > DHCP Enabled. . . . . . . . . . . : Yes
> >> > Autoconfiguration Enabled . . . . : Yes
> >> > IP Address. . . . . . . . . . . . : 24.3.55.233
> >> > Subnet Mask . . . . . . . . . . . : 255.255.248.0
> >> > Default Gateway . . . . . . . . . : 24.3.48.1
> >> > DHCP Server . . . . . . . . . . . : 68.87.75.10
> >> > DNS Servers . . . . . . . . . . . : 192.168.16.2
> >> > NetBIOS over Tcpip. . . . . . . . : Disabled
> >> > Lease Obtained. . . . . . . . . . : Wednesday, February 09, 2005
> > 1:37:51
> >> > PM
> >> > Lease Expires . . . . . . . . . . : Sunday, February 13, 2005
> >> > 11:18:42
> >> > AM
> >> >
> >> > Ethernet adapter Server Local Area Connection:
> >> >
> >> > Connection-specific DNS Suffix . :
> >> > Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
> >> > Connection
> >> > Physical Address. . . . . . . . . : 00-C0-9F-34-96-02
> >> > DHCP Enabled. . . . . . . . . . . : No
> >> > IP Address. . . . . . . . . . . . : 192.168.16.2
> >> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >> > Default Gateway . . . . . . . . . :
> >> > DNS Servers . . . . . . . . . . . : 192.168.16.2
> >> > Primary WINS Server . . . . . . . : 192.168.16.2
> >> >
> >> > Any help would be greatly appreciated.
> >> >
> >> > Garan Warren
> >> >
> >>
> >>
> >
> >
>
>
- Next message: Mike-in-Houston: "Re: Connectivity to remote computer could not be stablished"
- Previous message: Jeff Kushen, MCSE: "Windows Media Services"
- In reply to: SuperGumby [SBS MVP]: "Re: RWW using external domain name"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
