
How do I secure Windows NT/XP using the NetBIOS and LDAP protocols?

In this Ask the Expert Q&A, our security threats expert, Ed Skoudis, discusses how to secure Windows NT/XP using the NetBIOS and LDAP protocols and what steps should be taken to protect against intruders.

How do I secure Windows NT/XP using the NetBIOS and LDAP protocols? What steps should I take to detect and protect against intruders?
If you need to transmit NetBIOS or LDAP across an untrusted network (i.e., the Internet, your DMZ, internal network, etc.), use an encrypted VPN to ensure it is protected. For detection, employ strong host-based security on both endpoints. Use both antivirus and anti-spyware tools to detect any malware inserted there. Also, diligently review the logs from these machines and look for suspicious entries, including changes to critical system files. Next, run a file integrity-checking tool, such as Tripwire, on each endpoint. Then make sure the system administrators on the server side diligently watch for additional users added to the admin group.

If you need more information, you can download the Intrusion Discovery Cheat Sheets I wrote at www.sans.org/resources/winsacheatsheet.pdf and www.sans.org/resources/linsacheatsheet.pdf.

This was last published in May 2006
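
The last step in the answer above, watching for accounts added to the admin group, can be scripted as a comparison against a saved baseline. This is an added example, not part of the original answer: it parses a constructed sample of English-locale `net localgroup Administrators` output, and the baseline set and all account names are assumptions.

```python
# Constructed sample of `net localgroup Administrators` output (English locale).
SAMPLE_OUTPUT = """\
Alias name     Administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
CORP\\Domain Admins
helpdesk2
The command completed successfully.
"""

# Constructed baseline: the accounts the administrators expect to be members.
BASELINE = {"administrator", "corp\\domain admins", "jsmith"}


def parse_members(net_output):
    """Return the member names listed between the dashed rule and the footer."""
    members = set()
    in_list = False
    for line in net_output.splitlines():
        line = line.strip()
        if not in_list:
            # The member list starts after a line made only of dashes.
            in_list = len(line) > 0 and set(line) == {"-"}
            continue
        if not line or line.lower().startswith("the command completed"):
            break
        members.add(line.lower())  # Windows account names are case-insensitive
    return members


def review(net_output, baseline):
    """Return (added, removed) account names relative to the baseline."""
    current = parse_members(net_output)
    if not current:  # unrecognised output must not look like "no changes"
        raise ValueError("no members parsed; check the command output")
    return sorted(current - baseline), sorted(baseline - current)


if __name__ == "__main__":
    added, removed = review(SAMPLE_OUTPUT, BASELINE)
    for name in added:
        print(f"ALERT added to Administrators: {name}")
    for name in removed:
        print(f"NOTE removed from Administrators: {name}")
```

Store the baseline somewhere the monitored host cannot modify, so that an intruder with admin rights cannot update it to match.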
