Open Source and information security mailing list archives
 
Message-ID: <87tzh5ugx8.fsf@quad.core.gen.tr>
Date: Sun, 11 May 2008 16:08:35 +0300
From: Aycan iRiCAN <aycan.irican@...e.gen.tr>
To: full-disclosure@...ts.grok.org.uk
Subject: Gate


An officially declared open hole.

http://www.cit.nih.gov/Support/FAQ/Fdcc/

 31.      What's the proper configuration of the Windows XP personal
 firewall to allow for configuration scanning by the NIH Incident
 Response Team (NIH IRT)?

 As part of this program, OMB also requires verification of compliance
 with FDCC requirements using Security Content Automation Protocol (SCAP)
 scanning tools.  NIH and HHS are in the process of acquiring SCAP
 technology which will allow IC’s to check their configurations as well
 as to provide reports to HHS and to the HHS Office of the Inspector
 General (OIG) upon request.  Due to Windows XP firewall limitations, the
 capability to allow authorized scanning tools to audit systems for
 vulnerabilities is not feasible in light of FDCC. Scanning for
 vulnerabilities using traditional methods will be supplemented with the
 IRT’s capability to conduct Configuration scans of desktops and laptops
 using SCAP tools. The addition of these configuration audits along with
 the use of the Windows firewall will offset the risk of not using the
 traditional vulnerability scanning methods for workstations and
 laptops. Public-facing servers are not bound by FDCC and therefore
 traditional methods of vulnerability scanning will not be affected. 

 FDCC Firewall Configuration to support NIH IRT compliance scanning:
 The File and Print Sharing and Server services must be enabled.
 With the Windows firewall enabled, the following ports must be enabled:
 TCP 139 
 TCP 445
 UDP 137
 UDP 138

 This document is at http://irm.cit.nih.gov/security/FDCC_Waivers.doc
