RE: Windows 2003 Server - MS Rulez?

From: Willis Johnson (willisj_at_microsoft.com)
Date: 05/24/03

  • Next message: Nina V. Levitin: "RE: Windows 2003 Server - MS Rulez?"
    Date: Fri, 23 May 2003 15:09:16 -0700
    To: "Steve" <securityfocus@delahunty.com>, "Kelly Fuller" <kelly@ccgsecurity.com>, "Street" <streetseeker@mail.ru>, <focus-ms@securityfocus.com>
    
    

    There's a great new white paper on Windows XP/2003 services on TechNet:
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodt
    echnol/windowsserver2003/plan/svrxpser.asp

    I personally found it quite helpful. In addition to tightening up
    security on my systems, it gave me what I needed to goose performance on
    my laptop by turning off many services.

    Willis Johnson
    Microsoft

    ...not the official position of Microsoft, all disclaimers apply, etc.
    :-)

    -----Original Message-----
    From: Steve [mailto:securityfocus@delahunty.com]
    Sent: Friday, May 23, 2003 2:08 PM
    To: Kelly Fuller; Street; focus-ms@securityfocus.com
    Subject: Re: Windows 2003 Server - MS Rulez?

    I also liked the feature that Windows Server 2003 does not run unnessary
    services. I found the launch event to be very educational and the
    security issues to be well addressed.

    STEVE

    ----- Original Message -----
    From: "Kelly Fuller" <kelly@ccgsecurity.com>
    To: "Street" <streetseeker@mail.ru>; <focus-ms@securityfocus.com>
    Sent: Friday, May 23, 2003 4:02 PM
    Subject: RE: Windows 2003 Server - MS Rulez?

    The hash (most commonly MD5 or SHA) is known as a one-way algorithm and
    is very difficult to reverse. I would think this method is rather secure
    in that respect.

    Kelly B. Fuller
    Network Security Engineer
    Continental Consulting Group

    -----Original Message-----
    From: Street [mailto:streetseeker@mail.ru]
    Sent: Friday, May 23, 2003 6:02 PM
    To: focus-ms@securityfocus.com
    Subject: Windows 2003 Server - MS Rulez?

    Hello list. Today I have attended to official presentation of Microsoft
    Windows 2003 Server. And the representatives of Microsoft gave to my
    organisation an evaluation version of 2003 Server. That thing looks very
    secure, i.e. known methods of attack did not gave a damn thing. Also I
    learned an interesting feature - prohibition of launch of any program is
    not made by its exe name - it makes a hash from the body of program and
    politics are applied using this hash. I wonder whether this method is
    secure and if there are any ways to defeat it.

    Any thoughts? Thank you in advance.

    -- 
    Best regards,
     Street                          mailto:streetseeker@mail.ru
    ------------------------------------------------------------------------
    -----
    *** Wireless LAN Policies for Security & Management - NEW White Paper
    *** Just like wired networks, wireless LANs require network security
    policies that are enforced to protect WLANs from known vulnerabilities
    and threats. Learn to design, implement and enforce WLAN security
    policies to lockdown enterprise WLANs.
    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-focus-ms
    ------------------------------------------------------------------------
    ------
    ------------------------------------------------------------------------
    ----
    -
    *** Wireless LAN Policies for Security & Management - NEW White Paper
    *** Just like wired networks, wireless LANs require network security
    policies that are enforced to protect WLANs from known vulnerabilities
    and threats. Learn to design, implement and enforce WLAN security
    policies to lockdown enterprise WLANs.
    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-focus-ms
    ------------------------------------------------------------------------
    ----
    --
    ------------------------------------------------------------------------
    -----
    *** Wireless LAN Policies for Security & Management - NEW White Paper
    *** Just like wired networks, wireless LANs require network security
    policies that are enforced to protect WLANs from known vulnerabilities
    and threats. 
    Learn to design, implement and enforce WLAN security policies to
    lockdown enterprise WLANs.
    To get your FREE white paper visit us at: 
    http://www.securityfocus.com/AirDefense-focus-ms
    ------------------------------------------------------------------------
    ------
    -----------------------------------------------------------------------------
    *** Wireless LAN Policies for Security & Management - NEW White Paper ***
    Just like wired networks, wireless LANs require network security policies
    that are enforced to protect WLANs from known vulnerabilities and threats. 
    Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
    To get your FREE white paper visit us at: 
    http://www.securityfocus.com/AirDefense-focus-ms
    ------------------------------------------------------------------------------
    

  • Next message: Nina V. Levitin: "RE: Windows 2003 Server - MS Rulez?"

    Relevant Pages

    • China issues white paper on national defense
      ... China on Tuesday issued a white paper on national defense elaborating ... its new security concept and peacetime employment of armed forces. ... respectively under the seven military area commands: ...
      (soc.culture.china)
    • RE: Mass Distribution of Security Policies
      ... It could start with a Network usage agreement, (Advisory Policy) to all ... Mass Distribution of Security Policies ...
      (Security-Basics)
    • RE: [fw-wiz] Interlopers on the WLAN
      ... the weak default setus that might be infringing security of various gov ... > these WLANs are operated by non-technical consumers who, in my view, ... Spammers might well take this route, and might already have taken this ... shadowed by the free wireless routes available for access. ...
      (Firewall-Wizards)
    • RE: Security Policy-Please help
      ... your Masters in Systems & Network Security, ... Before you begin writing policies, you deffinetly want to make sure you've ... SANS Security Policy Project at http://www.sans.org/resources/policies/. ... L0phtcrack is one of the better tools for testing password ...
      (Security-Basics)
    • Re: Least User Priviledges for Network Administrators
      ... It makes sense to have a chain of command and approval policy to keep things ... the computer use policies, software purchasing policies, security ... upper management--both within the Network Technology group, ... driving the process of tightening down security. ...
      (microsoft.public.windowsxp.security_admin)