RE: W2K where to start??

From: Mark L. Jackson (mark_l_jackson@iname.com)
Date: 10/23/01


From: "Mark L. Jackson" <mark_l_jackson@iname.com>
To: <security-basics@securityfocus.com>
Subject: RE: W2K where to start??
Date: Tue, 23 Oct 2001 01:28:59 -0700
Message-ID: <ANELKCODANPLKGOODADAMEOKCJAA.mark_l_jackson@iname.com>


> Start at the vendor's site http://www.microsoft.com/security.

just remember where the info is coming from. MS is not open about
security issues.

> >I'm a unix / Mac guy. I agreed to set up a test installation of W2K
> >Advanced Server because the M$ rep has always been nice.

I would advise reconsidering this. You should have a specific reason for
testing this product, not just to be nice. Most salespeople (or ex) will
recognize this tactic as the 'puppy dog' close. The idea being you take
the puppy home and you won't bring it back.

I will say that this is a good way to learn about MS and be able to say
why you want MAC, or *nix instead of MS when the time comes to justify
your choices.

> > It's going
> >to be in a DMZ so I'm not as scared as I would be, but my impression
> >is that windows in general is full of holes out of box (at least from

so are *nix systems. This is the usual anti-MS propaganda. You will here
the same about *nix from MS people. *nix has the advantage of having been
beat up first. Remember Robert Morris?

> >the number of command.exe's in my apache logs it would SEEM so), and

much like the number of <insert favorite *nix attack here> that I see on
my IIS logs.

> >I don't know where to start when it comes to windows security-

then you are definitely in a hole. Just as you could not secure a *nix
box your first try, you won't be able to do so with Win2K on your first
try. I would see if you can find a Win2K experienced person to set this up.
Usual bribes apply here.

> >
> >Where is a site I can go to that lists all the updates / patches I
> >need to get started. Any general advice?

As stated before, start at MS, but you will need outside assistance.

"Hacking Win2K.." pub'd by Syngress is a pretty good intro. They also
have a book on the wizards in Win2k which is helpful.

Most important thing to remember is that MS has made Windows very easy
to program, and admin. Many of the things that you would 'see' or have
to pay attention to with *nix are hidden in Windows. They are there, just
well hidden. Even more so than the MAC.



Relevant Pages

  • RE: W2K where to start??
    ... but you can with SQL Server 2000) ... > so are *nix systems. ... > Win2K experienced person to set this up. ... > Most important thing to remember is that MS has made Windows ...
    (Security-Basics)
  • Re: PDF automatisch erzeugen und speichern
    ... Denn in Win2K gibt es keine Win.ini mehr, jedenfalls keine "richtige", ... Nix mehr mit Ports und ... Bei mir funktionierte diese Technik nicht, als ich sie vor längerem mal ...
    (microsoft.public.de.access)
  • Re: Whats the difference between Xubuntu and Ubuntu?
    ... Do most people use Thunderbird for their email programs? ... On both *nix and on Win2K. ... I can't speak for others but I'm very ...
    (Ubuntu)
  • Re: [Full-Disclosure] lame bitching about xpsp2
    ... >*nix way) you still would whine because they are also working on extending ... >are concerned that you will have to learn Windows, ... >I recall nimda and I don't recall my Windows machines getting infected even ... >BeOS isn't going to cause a great desire to learn computers. ...
    (Full-Disclosure)
  • [SLE] Re: SUSE Firewall primitive shadow of ZoneAlarm in interactive user-control
    ... Linux is poor in real-time, ... There is a fundamental difference in the security model and tools available for windows and for linux. ... Linux is descended (in thought and design concept) from unix -- which was designed for multi-user computer sharing -- usually with no one at the console. ... Even Windows as a server isn't designed as *nix has been. ...
    (SuSE)