RE: PROPOSAL: Cluster 19 - NTCONFIG (13 candidates)
This is to correct an entry that was made in my original vote.

=================================
Candidate: CAN-1999-0499
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

NETBIOS share information may be published through SNMP registry keys in NT.

VOTE: Accept

=================================
Candidate: CAN-1999-0534
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.

VOTE: Accept

=================================
Candidate: CAN-1999-0535
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.

VOTE: Recast
What is appropriate?

=================================
Candidate: CAN-1999-0546
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

The Windows NT guest account is enabled.

VOTE: Accept

=================================
Candidate: CAN-1999-0562
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

The registry in Windows NT can be accessed remotely by users who are not administrators.

VOTE: Accept

=================================
Candidate: CAN-1999-0572
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

.reg files are associated with the Windows NT registry editor, making the registry susceptible to Trojan Horse attacks.

VOTE: Accept

=================================
Candidate: CAN-1999-0575
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.

VOTE: Accept
It is far less interesting what a user does successfully than what they attempt and fail at.

=================================
Candidate: CAN-1999-0576
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.

VOTE: Modify
Some files and directories are clearly understood to be critical. Others are unclear. We need to clarify what critical is.

=================================
Candidate: CAN-1999-0577
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.

VOTE: Modify
It is far less interesting what a user does successfully than what they attempt and fail at. Perhaps only failure should be logged.

=================================
Candidate: CAN-1999-0578
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.

VOTE: Accept with reservation
Again what is defined as critical

=================================
Candidate: CAN-1999-0579
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.

VOTE: Modify
Again only failure may be of interest. It would be impractical to wade through the incredibly large amount of logging that this would generate. It could overwhelm log entries that you might find interesting.

=================================
Candidate: CAN-1999-0582
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.

VOTE: Accept with reservations
What is appropriate?

=================================
Candidate: CAN-1999-0585
Published:
Final-Decision:
Interim-Decision:
Modified:
Announced: 19990721
Assigned: 19990607
Category: CF

A Windows NT administrator account has the default name of Administrator.

VOTE: Accept