Threat Level: green Handler on Duty: Adrien de Beaupre

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Tip of the Day - Turn the NICs off during installation

Published: 2006-08-17
Last Updated: 2006-08-17 00:14:34 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
During one of those past weekends I was installing and configuring some honeypots.

I decided to try different Operating Systems to see which one would fit better for my needs.

As I already had a perfect NAT for one IP, nothing more natural that I already put the IP address on the OS during installation, right?
Yep, WRONG! The reason is that if you install an internet facing OS (like my NAT was providing me), maybe there will be not enough time to apply the patches (even offline patches, from CDs or Pen Drivers).

So, my Tip of the Day, is for whatever OS that you are installing, if you can't unplug physically the network, choose to not configure the NICs during installation. In this way, you will have enough time to check which Services will be running in your machine, and turn it down before someone explore your unpatched OS, because if you are installing a fresh OS, chances are that some applications/services are already outdated and you may be a victim of some bot of the day...
Don't trust me? Check this out...

-------------------------------------------------------------------------------------------------
Handler on Duty: Pedro Bueno ( pbueno //&&// isc .sans .org )
Keywords: ToD
0 comment(s)
Diary Archives