Re: What server hardening are you doing these days?

From: Mike Dieroff (michael_at_bluescreenit.co.uk)
Date: 11/11/05

  • Next message: Laura A. Robinson: "RE: Deny Logon by Domain Admin account to specific PC's or deny to all BUT specific PC's"
    To: <larobins@bellatlantic.net>
    Date: Fri, 11 Nov 2005 19:32:58 -0000
    
    

    As a man of few words Laura, I have to say touche!!!

    Server hardening - what a concept when each and every server has and depicts
    different needs. Nothing can compensate for a solid understanding in
    infrastructure and application Security needs of a network.

    Correct me if I am not wrong, but many of the guides facilitate an
    understanding. Then it's all up to the imagination!!!

    Mike

    ----- Original Message -----
    From: "Laura A. Robinson" <larobins@bellatlantic.net>
    To: <tux@911networks.com>; "'Derick Anderson'" <danderson@vikus.com>
    Cc: <focus-ms@securityfocus.com>
    Sent: Friday, November 11, 2005 2:26 AM
    Subject: RE: What server hardening are you doing these days?

    > Okay, now I'm just chuckling. Have you actually downloaded these guides?
    > The
    > Win2K3 NSA OS security guide IS the Microsoft guide. One and the same.
    > Copyrights intact. S A M E G U I D E.
    >
    > Again, the NSA puts the MICROSOFT Win2K3 security guide on the NSA site
    > because it is solid, tested, and very, very well-done.
    >
    > Laura
    >
    >> -----Original Message-----
    >> From: Syv Ritch [mailto:tux@911networks.com]
    >> Sent: Thursday, November 10, 2005 6:34 PM
    >> To: Derick Anderson
    >> Cc: focus-ms@securityfocus.com
    >> Subject: Re: What server hardening are you doing these days?
    >>
    >> Derick Anderson wrote:
    >>
    >> > I also stick to Microsoft best practices when it comes to Microsoft
    >> > servers, it's just safer that way. I haven't yet implemented the
    >> > Windows
    >> > 2003 Security guide templates (for fear of breaking our production
    >> > environment) but I plan to do that after I've taken care of
    >> some other
    >> > more basic issues (domain split, network split, user
    >> lockdown, etc.).
    >> >
    >>
    >> Maybe you should reconsider. There is lot better than MS when
    >> it comes to advising on security.
    >>
    >> http://www.nsa.gov/snac/downloads_all.cfm
    >>
    >> The NSA. They have both guides and templates. It actually
    >> works and is far more secure than the MS advice.
    >>
    >> --
    >> Thanks
    >> http://www.911networks.com
    >> When the network has to work Cisco/Microsoft
    >>
    >> --------------------------------------------------------------
    >> -------------
    >> --------------------------------------------------------------
    >> -------------
    >>
    >
    >
    > ---------------------------------------------------------------------------
    > ---------------------------------------------------------------------------
    >
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Laura A. Robinson: "RE: Deny Logon by Domain Admin account to specific PC's or deny to all BUT specific PC's"

    Relevant Pages

    • RE: What server hardening are you doing these days?
      ... Win2K3 NSA OS security guide IS the Microsoft guide. ...
      (Focus-Microsoft)
    • So, You Want to Hide from the NSA? Your Guide to the Nearly Impossible - Any more complaints abo
      ... PRISM Companies Start Denying Knowledge of the NSA Data Collection ... For assistance in fleshing out this guide, we spoke with Micah Lee, staff technologist with the Electronic Frontier Foundation. ... You can also get TOR browsers for your iPhone or Android device. ... The only truly safe way to protect yourself is to abstain completely. ...
      (soc.culture.china)
    • Re: Explanation of Anonymous Named Pipes Security Policy
      ... Read in the Wiindows Server 2003 Security guide. ... domain controller ...
      (microsoft.public.windows.server.security)
    • Re: Windows XP security guide download
      ... Windows XP Security Guide ... > I've just read Windows XP Security guide and on page 8, ... > I've repeated the search by google or microsoft search engine but the ...
      (microsoft.public.windowsxp.security_admin)
    • Windows XP security guide download
      ... I've just read Windows XP Security guide and on page 8, the documents say: " A collection of security templates, scripts, and additional tools are included with this guide to make it easier for your organization to evaluate, test, and implement the ... I've repeated the search by google or microsoft search engine but the result was the same! ...
      (microsoft.public.windowsxp.security_admin)