Re: We've been compromised, now what...

From: Jeff Cochran (jcochran@info.der-keiler.de)
Date: 05/30/02


From: jcochran at naplesgov dot com (Jeff Cochran)
Date: Thu, 30 May 2002 14:18:27 GMT


>>It's not hard to harden an NT/W2K system, it just doesn't come that
>>way. Having all the patches in place leaves a lot of holes open for
>>you to hunt down and close.

>Does anyone have an opinion if the US Navy document on locking down
>(actually I think it was a secure install) NT is still of value or
>know if it has been updated? TIA.

Lots of opinions... :)

The NSA document has some holes in it, and the current best practices
seem to be at Microsoft's site, in the security section. There are a
number of security tools and checklists available for locking down
NT/W2K, of which the NSA document is only one.

The key is knowing why you're making the changes, so you can decide if
that change is appropriate for your organization.

Jeff