Ask the Expert

How do I secure Windows NT/XP using the NetBIOS and LDAP protocols?

How do I secure Windows NT/XP using the NetBIOS and LDAP protocols? What steps should I take to detect and protect against intruders?

    Requires Free Membership to View

If you need to transmit NetBIOS or LDAP across an untrusted network (i.e., the Internet, your DMZ, internal network, etc.), use an encrypted VPN to ensure it is protected. For detection, employ strong host-based security on both endpoints. Use both antivirus and antispyware tools to detect any malware inserted there. Also, diligently review the logs from these machines and look for suspicious entries, including changes to critical system files. Next, run a file integrity-checking tool, such as Tripwire, on each endpoint. Then make sure the system administrators on the server side diligently watch for additional users added to the admin group.

If you need more information, you can download the Intrusion Discovery Cheat Sheets I wrote at www.sans.org/resources/winsacheatsheet.pdf
and www.sans.org/resources/linsacheatsheet.pdf.

This was first published in May 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: