
XP Pro Risk Assessment

Status
Not open for further replies.

Wazz

Technical User
Aug 12, 2002
209
GB
Hi All,

I have been asked to run a security assessment against PCs we have which are used by the public. Apparently I have a consultant coming in to do pen testing, but I am not sure. The PCs are running XP Pro, with Deep Freeze, AV, Windows Firewall off, no 3rd party firewall, IP address allocated via DHCP, not centrally managed on a domain, all PCs on a workgroup, no patch management, no Java - Flash etc. updates installed and finally the user account that the public uses is part of the Power Users group. There are local GPOs in place to lock down certain things, but they can still explore the entire drive and system root etc.

I'm sure the pen tester will rip this to bits, but is there anything that I can do to prove to management that this is a bad setup!?

Thanks,
Wazz
 
I'm sure the pen tester will rip this to bits, but is there anything that I can do to prove to management that this is a bad setup!?
Well, you could break the machine yourself, but that would probably be a CLM (Career Limiting Move). [wink]

running XP Pro - Fine if updated, security-wise.
Deep Freeze, AV - Probably not the best - and is it an outdated version, or up to date?
Windows Firewall off, no 3rd party firewall - S.T.U.P.I.D. - Windows Firewall should not be disabled under any "all the time" circumstances, unless there are 3rd party firewalls installed.
IP address allocated via DHCP, not centrally managed on a domain - Probably was the easiest way to set up, but probably not the best - more difficult to know who did what when/where/how...
all PCs on a workgroup - Might not be terrible by itself, depending upon other things.
no patch management - You'd almost be better off with Linux if they don't want to handle patch management - the machines need to be updated, and if there is any proprietary software, especially, you'd want to test out the updates before allowing them to go onto just any PC.
no Java - Flash etc. updates installed - S.T.U.P.I.D. - either remove or update
and finally the user account that the public uses is part of the Power Users group. - S.T.U.P.I.D. The "public" has no reason to be able to install software nor change system settings, so they should not be a "power user"
There are local GPOs in place to lock down certain things, but they can still explore the entire drive and system root etc. - Limited User Account = simpler and safer.

K.I.S.S. - Keep It Simple, Stupid.

[LOL2]

Well, to prove the point, you could point them to several online articles by "experts", but depending upon the management, that may or may not help.

Also, how do they connect to the web? Some sort of firewalled router, at least, I would hope. [wink]

--

"If to err is human, then I must be some kind of human!" -Me
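
One way to collect evidence for each item raised in this thread, as an added example that is not part of either post: a read-only Windows batch script using commands built into XP Pro, run locally as an administrator on one of the public PCs. The report file name and location are assumptions.

```batch
@echo off
rem Added example: gathers read-only evidence for the settings discussed above.
rem Changes nothing on the machine; it only writes one text report.
setlocal
rem Assumption: the report is written next to this script.
set "REPORT=%~dp0%COMPUTERNAME%-assessment.txt"

echo Assessment evidence for %COMPUTERNAME% > "%REPORT%"
date /t >> "%REPORT%"
time /t >> "%REPORT%"

echo. >> "%REPORT%"
echo === OS version, service pack, installed hotfixes (patch level) === >> "%REPORT%"
systeminfo >> "%REPORT%"

echo. >> "%REPORT%"
echo === Windows Firewall operational mode === >> "%REPORT%"
netsh firewall show opmode >> "%REPORT%"

echo. >> "%REPORT%"
echo === Listening ports reachable while the firewall is off === >> "%REPORT%"
netstat -ano >> "%REPORT%"

echo. >> "%REPORT%"
echo === Members of Power Users and Administrators === >> "%REPORT%"
net localgroup "Power Users" >> "%REPORT%"
net localgroup Administrators >> "%REPORT%"

echo. >> "%REPORT%"
echo === Domain or workgroup membership === >> "%REPORT%"
net config workstation >> "%REPORT%"

echo. >> "%REPORT%"
echo === IP configuration (DHCP enabled or static) === >> "%REPORT%"
ipconfig /all >> "%REPORT%"

echo. >> "%REPORT%"
echo === ACL on the system root (what non-admin groups can do) === >> "%REPORT%"
cacls "%SystemRoot%" >> "%REPORT%"

echo Report written to "%REPORT%"
endlocal
```

Running it on each PC gives one dated report per machine that can be compared against the list in the reply above. Installed Java and Flash versions are not covered and would need to be checked in Add or Remove Programs.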
 