Re: We've been compromised, now what...

From: Jeff Cochran (jcochran@info.der-keiler.de)
Date: 05/30/02


From: jcochran at naplesgov dot com (Jeff Cochran)
Date: Thu, 30 May 2002 14:18:27 GMT


>>It's not hard to harden an NT/W2K system, it just doesn't come that
>>way. Having all the patches in place leaves a lot of holes open for
>>you to hunt down and close.

>Does anyone have an opinion if the US Navy document on locking down
>(actually I think it was a secure install) NT is still of value or
>know if it has been updated? TIA.

Lots of opinions... :)

The NSA document has some holes in it, and the current best practices
seem to be at Microsoft's site, in the security section. There are a
number of security tools and checklists available for locking down
NT/W2K, of which the NSA document is only one.

The key is knowing why you're making the changes, so you can decide if
that change is appropriate for your organization.

Jeff



Relevant Pages

  • Re: Weve been compromised, now what...
    ... >>It's not hard to harden an NT/W2K system, ... >Does anyone have an opinion if the US Navy document on locking down ... number of security tools and checklists available for locking down ... of which the NSA document is only one. ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: Weve been compromised, now what...
    ... >>It's not hard to harden an NT/W2K system, ... >Does anyone have an opinion if the US Navy document on locking down ... number of security tools and checklists available for locking down ... of which the NSA document is only one. ...
    (comp.security.misc)
  • Re: Weve been compromised, now what...
    ... >>It's not hard to harden an NT/W2K system, ... >Does anyone have an opinion if the US Navy document on locking down ... number of security tools and checklists available for locking down ... of which the NSA document is only one. ...
    (comp.os.ms-windows.nt.admin.security)