Re: hardening W2k machines

From: Karl Levinson [x y] mvp (jamescagney90210@excite.com)
Date: 12/25/02


From: "Karl Levinson [x y] mvp" <jamescagney90210@excite.com>
Date: Wed, 25 Dec 2002 10:49:30 -0500


IMHO it's best to harden any computer as soon as possible. However, you can
certainly harden it any time you want.

Drawbacks to hardening a computer or server after it has been put into
production use are 1) it is painfully noticable if any of the hardening
templates or procedures causes a service or server to stop working as
expected, and 2) the server or computer might already be hacked, in which
case hardening it is not going to make it secure.

"A. Tolga KILINĒ" <kilinc@tis.havelsan.com.tr> wrote in message
news:e3mx7cCrCHA.1776@TK2MSFTNGP10...
> Hi,
> I have a very basic question. I have a W2k domain with W2k servers and
> Professionals and DC's. After installation can I perform all kind of
> hardening process centrally? (I mean with templates, group policies) or do
I
> have to consider some issues during installation process, which can not be
> configured as post-installation configuration? Can you classify the steps
> as "during installation" and " anytime after installation" ??
> Regards,
> tolga
>
>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.423 / Virus Database: 238 - Release Date: 11/25/2002


Relevant Pages

  • RE: Server hardening
    ... They have documentation for hardening Operating Systems, and Internet facing applications, Routers and Firewalls and more. ... I understand the hardening procedures varies depending upon the role of the server e.g Windows servers hosting exchange, sharepoint, database, activedirectory etc. ... Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. ... Totally hands-on course with evening Capture The Flag exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. ...
    (Security-Basics)
  • Re: Pop-up blocker and manage add-ons
    ... I have been looking thru 20 different articles about IE hardening and I ... managed to find out that I was running the server with hardening, ... when I was fooling around with some setting under Security settings ... Don't know what I did to make them disappear and no matter how I ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Server hardening
    ... The question is, can you define a global procedure for hardening a server, or is it an individual task? ... It would be prefferably to do the first step define the task of the server, make it as dedicated as possible and throw away everything else not needed, starting from browser up to particular services. ... Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. ... Totally hands-on course with evening Capture The Flag exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. ...
    (Security-Basics)
  • Re: What server hardening are you doing these days?
    ... What server hardening are you doing these days? ... listing of all possible security settings-- the recommendation simply being ... any system in any role that would secure the box without ...
    (Focus-Microsoft)
  • Re: Server hardening
    ... Can someone suggest the procedures an administrator needs to follow for hardening servers? ... I understand the hardening procedures varies depending upon the role of the server e.g Windows servers hosting exchange, sharepoint, database, activedirectory etc. ... Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. ... Totally hands-on course with evening Capture The Flag exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. ...
    (Security-Basics)