Re: What server hardening are you doing these days?

From: Mike Dieroff (michael_at_bluescreenit.co.uk)
Date: 11/11/05

  • Next message: Laura A. Robinson: "RE: Deny Logon by Domain Admin account to specific PC's or deny to all BUT specific PC's"
    To: <larobins@bellatlantic.net>
    Date: Fri, 11 Nov 2005 19:32:58 -0000
    
    

    As a man of few words Laura, I have to say touche!!!

    Server hardening - what a concept when each and every server has and depicts
    different needs. Nothing can compensate for a solid understanding in
    infrastructure and application Security needs of a network.

    Correct me if I am not wrong, but many of the guides facilitate an
    understanding. Then it's all up to the imagination!!!

    Mike

    ----- Original Message -----
    From: "Laura A. Robinson" <larobins@bellatlantic.net>
    To: <tux@911networks.com>; "'Derick Anderson'" <danderson@vikus.com>
    Cc: <focus-ms@securityfocus.com>
    Sent: Friday, November 11, 2005 2:26 AM
    Subject: RE: What server hardening are you doing these days?

    > Okay, now I'm just chuckling. Have you actually downloaded these guides?
    > The
    > Win2K3 NSA OS security guide IS the Microsoft guide. One and the same.
    > Copyrights intact. S A M E G U I D E.
    >
    > Again, the NSA puts the MICROSOFT Win2K3 security guide on the NSA site
    > because it is solid, tested, and very, very well-done.
    >
    > Laura
    >
    >> -----Original Message-----
    >> From: Syv Ritch [mailto:tux@911networks.com]
    >> Sent: Thursday, November 10, 2005 6:34 PM
    >> To: Derick Anderson
    >> Cc: focus-ms@securityfocus.com
    >> Subject: Re: What server hardening are you doing these days?
    >>
    >> Derick Anderson wrote:
    >>
    >> > I also stick to Microsoft best practices when it comes to Microsoft
    >> > servers, it's just safer that way. I haven't yet implemented the
    >> > Windows
    >> > 2003 Security guide templates (for fear of breaking our production
    >> > environment) but I plan to do that after I've taken care of
    >> some other
    >> > more basic issues (domain split, network split, user
    >> lockdown, etc.).
    >> >
    >>
    >> Maybe you should reconsider. There is lot better than MS when
    >> it comes to advising on security.
    >>
    >> http://www.nsa.gov/snac/downloads_all.cfm
    >>
    >> The NSA. They have both guides and templates. It actually
    >> works and is far more secure than the MS advice.
    >>
    >> --
    >> Thanks
    >> http://www.911networks.com
    >> When the network has to work Cisco/Microsoft
    >>
    >> --------------------------------------------------------------
    >> -------------
    >> --------------------------------------------------------------
    >> -------------
    >>
    >
    >
    > ---------------------------------------------------------------------------
    > ---------------------------------------------------------------------------
    >
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Laura A. Robinson: "RE: Deny Logon by Domain Admin account to specific PC's or deny to all BUT specific PC's"