RE: Binding Windows Services to Specific Addresses Only
- From: "Davies, Alan (GE Money)" <AlanJ.Davies@xxxxxx>
- Date: Tue, 6 May 2008 09:24:23 +0100
Hi Chris,
You best bet is to start here:
http://www.cisecurity.org/
That'll give you both templates based on best practice and a scoring tool to
sink your teeth into. There is indeed plenty more you can do, depending on
your environment, to harden Windows systems.
Obviously once deployed, you should also have a patching policy. AV and
HIDS are good. Proper change management, build policy, admin restriction,
etc. are the other "soft" bit that keep it the way you designed it.
alan
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of Christian Koerner
Sent: 04 May 2008 00:13
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: Binding Windows Services to Specific Addresses Only
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello everybody!
When it comes to Windows hardening and in specific restricting Windows'
services, the only suggestions that I've found so far are:
*) disable unnecessary services
*) restrict network access through packet filtering
What else can be done and isn't it possible to bind Windows' services to a
specific address/interface, e.g. LAN.
Thanks in advance
Chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIHPGV6rqywW28g1IRAohNAKCQ9vfcx/N5vRr0bbbiBityYayO4wCgottt
+JClyFFafYzq0ojEA0AfS1c=
=2nbF
-----END PGP SIGNATURE-----
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- References:
- Binding Windows Services to Specific Addresses Only
- From: Christian Koerner
- Binding Windows Services to Specific Addresses Only
- Prev by Date: Re: Binding Windows Services to Specific Addresses Only
- Next by Date: SecurityFocus Microsoft Newsletter #393
- Previous by thread: RE: Binding Windows Services to Specific Addresses Only
- Next by thread: RE: Binding Windows Services to Specific Addresses Only
- Index(es):
Relevant Pages
|
