From: Raymond Jett \(rajett\) (rajett@cisco.com)
Date: Wed Apr 21 2004 - 20:48:11 GMT-3
Hrmmmmm...
It's all about what you have knowledge in...
If you only have M$ knowledge then you'll want to strip out every service &
piece of software you can, patch it fully, and harden it to the best of the
M$ specs... After that, install some kind of intrusion protection software
like Cisco Security Agent... Since it'll be on a DMZ somewhere for clients
to access it, you'll want it as hard as you can possibly get it.
If you have *nix knowledge then go Open Source and strip the build down
sooooo tight that there's almost nothing running ;)
Of course, if you have the $$$ then you can leave all that hardening &
security to someone else that has an audited infrastructure for PKI.
hehehehehehe
RJ
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
xkyxky
Sent: Wednesday, April 21, 2004 2:58 PM
To: Jim Devane; sustundag@secura.com.tr; ccielab@groupstudy.com
Cc: security@groupstudy.com
Subject: Re: Cisco IPsec VPN Implementation Group Password Usage
Vulnerability
What type of Cert Server you guys recommended?
Open source? M$ CA?
I have no $$$ to use entrust or verisign, RSA
xky
> From: "Jim Devane" <jim@powerpulse.cc>
> Reply-To: "Jim Devane" <jim@powerpulse.cc>
> Date: Wed, 21 Apr 2004 12:06:59 -0700
> To: <sustundag@secura.com.tr>, <ccielab@groupstudy.com>
> Cc: <security@groupstudy.com>
> Subject: RE: Cisco IPsec VPN Implementation Group Password Usage
> Vulnerability
>
> Maaaaaaaan! Setting up a Cert server is a bummer that I wanted to
> avoid... but I guess that is where it is heading now!
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of sustundag@secura.com.tr
> Sent: Wednesday, April 21, 2004 11:57 AM
> To: ccielab@groupstudy.com
> Cc: security@groupstudy.com
> Subject: OT:Cisco IPsec VPN Implementation Group Password Usage
> Vulnerability
>
> http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml
>
>
>
> I just wanted to inform you group members...
>
>
>
> Regards
>
>
>
>
>
>
>
> Serkan Ustundag
>
>
>
> Network and Security Engineer
>
> CCNP,CCDP,CCSE
>
> CCSP (Cisco Certified Security Professional)
>
> Cisco Network Management Specialist
>
>
>
> sustundag@secura.com.tr <mailto:sustundag@secura.com.tr>
>
>
>
> Secura bir TEPUM grup sirketidir
>
>
>
> Cisco Systems IP Communications Partner of the Year, 2004, Turkey
>
> Cisco Systems Security Partner of the Year, 2004, Turkey
>
> Cisco Systems AVVID Partner of the Year, 2003, EMEA (Europe, Middle
> East and
> Africa)
>
> Cisco Systems Solution Partner of the Year, 2002, Turkey
>
>
>
> Gazeteciler Mahallesi, Haberler Sokak
>
> No:8 34394 Esentepe Istanbul
>
> Direkt : +90 212 3550640
>
> Santral: +90 212 3550600
>
> Faks : +90 212 2757115
>
>
>
> www.secura.com.tr <http://www.secura.com.tr/>
>
>
>
> www.tepum.com.tr
>
> ______________________________________________________________________
> _
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:52 GMT-3