RE: Harden a windows network

From: bsec (bsec_at_cotse.net)
Date: 12/31/03

  • Next message: H Carvey: "Re: Best practices for a small business's security"
    Date: Wed, 31 Dec 2003 16:38:29 -0500 (EST)
    To: <szucker@rcn.com>
    
    

    Check out SANS Securing Windows 2000: Step-by-step guide:

    https://store.sans.org/store_item.php?item=22

    Several of the items are applicable to other versions of Windows, not just
    W2K.

    Best luck,
    -Brett

    >>> "Simon and Sara Zuckerbraun" <szucker@rcn.com> 12/30/2003 7:03:50 PM >>>
    I'm sure that there are a great many hardening steps which would provide an
    even greater level of defense...

    Two I can think of off the top of my head is to examine the following
    security options on each machine:

    "Additional restrictions for anonymous connections" - set to "no access
    without explicit anonymous permissions"

    "LAN Manager authentication level" - set to "Send NTLM response only" or
    stronger

    You can find both of these in Local Security Policy. (Exact names may vary a
    bit depending on which version of Windows you're running.)

    Perhaps someone else on this list can recommend a resource with a
    comprehensive list of such steps?

    Simon
    szucker@rcn.com

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: H Carvey: "Re: Best practices for a small business's security"

    Relevant Pages

    • [NT] Cumulative Security Update for Internet Explorer (MS04-025)
      ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ...
      (Securiteam)
    • [NT] Vulnerability in HTML Help Allows Code Execution (MS05-001)
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... * Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service ...
      (Securiteam)
    • Re: The Myth of the secure Mac
      ... OEM Windows XP Home goes for a bit under $100. ... >> secure than Home. ... Though this really has nothing to do with security. ... Microsoft counts on third-party developers to provide more ...
      (comp.sys.mac.advocacy)
    • SecurityFocus Microsoft Newsletter # 149
      ... MICROSOFT VULNERABILITY SUMMARY ... EveryBuddy Long Message Denial Of Service Vulnerability ... Intellitactics Network Security Manager ... Windows operating systems. ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #120
      ... Strengthening Network Security: FREE Guide Network security is a ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows File Protection Signed File Replacement... ... PlatinumFTPServer Information Disclosure Vulnerability ...
      (Focus-Microsoft)