Monthly Archive: February 2000

A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets. Date published : 2000-02-04

A network intrusion detection system (IDS) does not verify the checksum on a packet. Date published : 2000-02-04

A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers. Date published : 2000-02-04

A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection. Date published : 2000-02-04

A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire. Date published : 2000-02-04

A Windows NT log file has an inappropriate maximum size or retention period. Date published : 2000-02-04

A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. Date published : 2000-02-04

A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive. Date published : 2000-02-04

The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. Date published : 2000-02-04 http://technet.microsoft.com/en-us/library/cc722469.aspx http://www.microsoft.com/technet/archive/winntas/deploy/confeat/06wntpcc.mspx?mfr=true

The Logon box of a Windows NT system displays the name of the last user who logged in. Date published : 2000-02-04

An event log in Windows NT has inappropriate access permissions. Date published : 2000-02-04

A system does not present an appropriate legal message or warning to a user who is accessing it. Date published : 2000-02-04

A system-critical Windows NT registry key has inappropriate permissions. Date published : 2000-02-04

A filter in a router or firewall allows unusual fragmented packets. Date published : 2000-02-04