RE: Secure Windows 2000 pro/server
From: Salisko, Rick (SaliskoR@ottawapolice.ca)Date: 10/30/01
- Previous message: Erik Birkholz: "RE: Secure Windows 2000 pro/server"
- Maybe in reply to: John Minnella: "Secure Windows 2000 pro/server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <51AD9EDB3228D011B29800805FEAB11D01A3D09E@OTTMSG2> From: "Salisko, Rick" <SaliskoR@ottawapolice.ca> To: 'Erik Birkholz' <erik@foundstone.com>, 'Brad Judy ' <judy@colorado.edu>, 'John Minnella ' <JohnM@environics.ca>, "'focus-ms@securityfocus.com '" <focus-ms@securityfocus.com> Subject: RE: Secure Windows 2000 pro/server Date: Tue, 30 Oct 2001 14:07:05 -0500
Speaking of Hacking Exposed Windows 2000. Is the book a repeat of the information contained in Hacking Exposed Third Edition, or is it completely new information ? I'm trying to determine if it is worth buying both.
Rick Salisko
-----Original Message-----
From: Erik Birkholz [mailto:erik@foundstone.com]
Sent: Monday, October 29, 2001 8:29 PM
To: 'Brad Judy '; 'John Minnella '; 'focus-ms@securityfocus.com '
Subject: RE: Secure Windows 2000 pro/server
Don't forget the one in Hacking Exposed Windows 2000. It is the best one in
my obviously biased opinion.
--Erik
-----Original Message-----
From: Brad Judy
To: John Minnella; focus-ms@securityfocus.com
Sent: 10/29/2001 9:11 AM
Subject: RE: Secure Windows 2000 pro/server
There are a number of good write-ups. Some of them are directed toward
Server, but most aspects of hardening are common between the two. Here
are
a few of the ones I have used:
"Windows 2000 Baseline Security Checklist" by Microsoft - there are also
Server and IIS versions of this document available.
http://www.microsoft.com/technet/security/tools/w2kprocl.asp
"Hardening Windows 2000" by Phil Cox - From the book "Windows 2000
Security
Handbook" Phil Cox et al.
http://www.systemexperts.com/tutors/HardenW2K101.pdf
Windows 2000 Security Recommendations Guides by the National Security
Agency - directed toward federal agencies, but much is applicable to
other
organizations. Read the "Guide to Securing Microsoft Windows 2000 File
and
Disk Resources"
http://nsa2.www.conxion.com/win2k/download.htm
I like this guide from Yale as well - very similar to the one I am
writing
for our campus.
http://www.yale.edu/its/security/Procedures/Securing/NT/w2k/
A couple of other decent ones:
Labmice.net
http://www.labmice.net/articles/securingwin2000.htm
ArsTechnica
http://arstechnica.com/tweak/win2k/security/begin-1.html
Most of these pages overlap greatly and some of them contradict each
other,
but there are differences in opinion in all fields. There are many
other
resources for Windows 2000 security. Out of the several W2K security
book I
have worked with, I like "Windows 2000 Security Handbook" by Phil Cox et
al,
and "Securing Windows NT/2000 Servers for the Internet" by Stefan
Norberg.
There is also a Windows 2000 reading room at SANS
(http://www.sans.org/infosecFAQ/win2000/win2000_list.htm) with many good
articles about various aspects of security in Windows 2000.
I hope this helps and was not too much information.
Brad Judy
Information Technology Services
University of Colorado at Boulder
> -----Original Message-----
> From: John Minnella [mailto:JohnM@environics.ca]
> Sent: Monday, October 29, 2001 7:50 AM
> To: focus-ms@securityfocus.com
> Subject: Secure Windows 2000 pro/server
>
>
> Hi,
> are there any good write ups on how to secure/harden Windows 2000 Pro?
>
- Previous message: Erik Birkholz: "RE: Secure Windows 2000 pro/server"
- Maybe in reply to: John Minnella: "Secure Windows 2000 pro/server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
