Re: What server hardening are you doing these days?

• Previous message: Paul Greene: "break in?"
• In reply to: Laura A. Robinson: "RE: What server hardening are you doing these days?"
• Next in thread: jordanpw: "Re: What server hardening are you doing these days?"
• Reply: jordanpw: "Re: What server hardening are you doing these days?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 11 Nov 2005 20:12:05 -0500
To: focus-ms@securityfocus.com

First off, I have to say that this is one of the more attention getting
threads I've seen in a while here. This got my attention because I'm in
the process of fleshing out the Windows server configuration standard
for my employer. I've been reading most of the guides that have flown
through this thread, and they're valuable resources, so I figure I'll
add one I've found:

http://www.microsoft.com/technet/security/topics/serversecurity/serviceaccount/default.mspx
^^ that's "The Services and Service Accounts Security Planning Guide,"
and it has a place in my hardening toolkit.
it completely reinforces the concept of least privilege, and gives
excellent guidance in deriving what kind of account is needed for
specific occasions.

As far as people being concerned with hotfixes causing their hardened
servers to implode: I've found that VMware's product line is ideal for
building out a lab on a budget. I'm using VMware workstation combined
with the P2V Assistant to create a complete virtual lab of my production
network. I can test patches in a sandbox without having to worry about
having an impact on production. Other tools -- sysinternals.com,
filemonNT, regmonNT, process explorer and their ilk are fabulous for
tracking what is happening and what apps need what privileges.

hope that somone finds my post helpful -- I've found quite a bit of nice
info in this thread already :)

--Justin

Laura A. Robinson wrote:

>Very well put, Mike. I think that when people haven't looked at the guides,
>they may not realize that the bulk of what is in them is informative rathter
>than a simple "do this...do that" set of instructions. I personally believe
>that anybody who is touching Win2K3, claims interest in security, yet hasn't
>read the Microsoft Security Guidance documents should spend a few days with
>those guides before making any proclamations. One can't speak to that which
>one does not yet know. :-)
>
>Laura
>

---------------------------------------------------------------------------
---------------------------------------------------------------------------

• Previous message: Paul Greene: "break in?"
• In reply to: Laura A. Robinson: "RE: What server hardening are you doing these days?"
• Next in thread: jordanpw: "Re: What server hardening are you doing these days?"
• Reply: jordanpw: "Re: What server hardening are you doing these days?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]