Are you running Windows NT or 2000 somewhere on your network? I'll bet you are. In fact, many organizations are still running Windows NT and 2000 on core production workstations and servers in some fashion -- critical Web, file, and database servers included. This is all fine and good -- I still run Windows 2000 on my network -- but we've got to be very careful not to let our guard down when it comes to keeping these older operating systems protected from old and new threats and vulnerabilities.
The first step, obviously, is keeping these systems patched. Most new threats against these operating systems are easily fixed with patches -- for 2000 at least, since NT is officially unsupported. With Windows 2000, you've got until 2010 with Microsoft committed to providing security updates for SP4 customers.
Patches for known exploits are one thing, but there are also inherent flaws in the NT architecture affecting both platforms that we can't afford to forget. Among the big things we need to worry about with older versions of Windows are:
These ingrained Windows weaknesses are a surefire invitation for system compromise of Windows NT and 2000 especially on publicly-facing systems that are not adequately protected. Just because you've forgotten about them doesn't mean they shouldn't be protected. What about those lo
To continue reading for free, register below or login
To read more you must become a member of SearchEnterpriseDesktop.com
ng forgotten systems that you can't touch because they're too fragile or those systems that have since been drywalled into their own rooms? <funnystory> There are some old tales of sheetrock being framed up around old NetWare 2.x servers. The funny thing is that no one noticed because they never had to be maintained or rebooted. Ah, the good old days. </funnystory>
These are the main areas where you should focus efforts:
Don't think for one minute that the bad guys have moved away from older versions of Windows and are only focusing on the latest and greatest technologies. They're going to go for the biggest bang for their buck among the masses of Windows installations. If you're running Windows NT or 2000, you're still a target and will continue to be a target. Stay informed and, by all means, keep those hackles up.
About the author: Kevin Beaver is an independent information security consultant, author, and speaker with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments. Kevin has written five books including Hacking For Dummies (Wiley), Hacking Wireless Networks For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver @ principlelogic.com.
