RE: Windows 2000 Questions

From: Leytens Francois X. (F.Leytens@sedelec-vs.ch)
Date: 09/19/01


Message-ID: <73CD4865AC7AD5119AE000E01806C969054862@BUHO-MAIL-GVA>
From: "Leytens Francois X." <F.Leytens@sedelec-vs.ch>
To: 'Alex Pufhal' <alexpufhal@yahoo.com>, security-basics@securityfocus.com
Subject: RE: Windows 2000 Questions
Date: Wed, 19 Sep 2001 09:06:21 +0200

Unfortunately for you, it is more easy to do so on a Linux/BSD/Solaris
platform than on a Windows 2K.

I had to do the same and what I suggest you is to install W2K and the last
SP (6.0a). Kill all uneeded services and run IIS (security scanner) on your
server. At the first scan it may give you about 4 pages of vulnerabilities
and then 1 by 1, try to fix them. This is definitively not easy as the MS
support is not that good and also because it is not that easy to find out
how to fix them. I personnaly worked with a friend which is MS MCSE and he
helped me a lot. Try to find a MS MCSE you know, pay him a few beers and he
may help you ;-)

rgds

Francois X. LEYTENS

********************************
Francois X. LEYTENS
Directeur - Ingénieur
SEDELEC SA VALAIS
Rue du Chemin de Fer 24
Case Postale 16
1958 St Leonard
--------------------------------
Tel : +41 27 205 6000
Direct : +41 27 205 6002
Mobile : +41 79 205 6002
Fax : +41 27 205 6001
Email : f.leytens@sedelec-vs.ch
********************************

> -----Message d'origine-----
> De: Alex Pufhal [SMTP:alexpufhal@yahoo.com]
> Date: lundi, 17. septembre 2001 23:57
> À: security-basics@securityfocus.com
> Objet: Windows 2000 Questions
>
> Hello,
>
> I have a couple of questions that I hope are
> appropriate for this forum.
>
> My background is in Linux/FreeBSD security and I have
> NT administration experience but on built servers.
>
> I have a job offer on the table but, unfortunately,
> it's on a Windows 2000 Server based network. It's a
> small 10-node network. They were peer-to-peer but have
> now gone client/server.
>
> It would be my task to build the server and obviously
> secure it. Can someone point me at a HOWTO or websites
> which detail everything that needs to be secured and
> how to do so?
>
> It looks like I have a shot at this position but I
> really need to know the security risks I'm facing
> before I accept it.
>
> I would appreciate any direction to be pointed in.
> Fortunately, I can throw a Linux box in but, not as
> the main server.
>
> Alex
>
> __________________________________________________
> Terrorist Attacks on U.S. - How can you help?
> Donate cash, emergency relief information
> http://dailynews.yahoo.com/fc/US/Emergency_Information/



Relevant Pages

  • SecurityFocus Microsoft Newsletter #164
    ... Got Storage Security Risks? ... MICROSOFT VULNERABILITY SUMMARY ... Chat Client FTP Server Default Username Credential Weak... ... NetServe Web Server is a compact web server for Microsoft Windows ...
    (Focus-Microsoft)
  • Re: im being held in memory
    ... How can I harden my computer or server to secure it from hackers? ... Use firewall software and hardware and antivirus software that is ... Follow the instructions for hardening Windows and IIS at ... Install all service packs and security fixes from Microsoft and otherwise ...
    (microsoft.public.security)
  • MS and security: good effort but no cigar
    ... build upon the progress it's already made in security. ... The low-hanging fruit of millions of insecure Windows machines ... Then there's the issue of poorly secured server applications. ... and execute external virus and filtering ...
    (microsoft.public.windowsxp.general)
  • SecurityFocus Microsoft Newsletter #167
    ... MICROSOFT VULNERABILITY SUMMARY ... Multiple Vendor XML Parser SOAP Server Denial Of Service Vul... ... Proactive Windows Security Explorer ...
    (Focus-Microsoft)
  • Re: Group Policy broke my DCs
    ... to be very careful with tweaking services on domain controllers. ... Group Policy - security policy at the OU level which makes it much easier to ... complied from the Windows 2003 Server Security guide for baseline core ... Server - automatic ...
    (microsoft.public.windows.group_policy)