One of the biggest criticisms of Windows 2000 was its “everything on” default installation state. For a consumer operating system, it made sense: people wanted specific functionality, and Microsoft provided it for them. For example, IIS installation was enabled by default with all possible mappings and sub-services enabled. The problem was that no one really needed Internet Printing services enabled by default. Few needed IDQ mapped to the Index Server ISAPI extensions. And production environments certainly didn’t need sample files and code examples loaded and reachable by anonymous users. The thought was that if you didn’t need a service or application, then you would go and turn it off or uninstall it. Microsoft is not alone in this folly. Solaris, for instance, also turns on many potentially unneeded services by default. I attended Jay Beale’s “Securing Solaris” Blackhat training session (in disguise, of course) and was surprised by the amount of work one had to go through to turn off all the services you really didn’t need. The problem is that many people don’t actually go back and turn things off — particularly when Windows is involved. Code Red infections are testament to this. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.