Re: Service accounts best practices
From: Ferdie (ferdie_at_sand.rr.com)
Date: 06/22/05
- Next message: Jorge_de_Almeida_Pinto: "Re: Cryptography"
- Previous message: Roger Abell: "Re: People pinging on my computer after firewall installed, previously infected!"
- In reply to: Roger Abell: "Re: Service accounts best practices"
- Next in thread: Joe Richards [MVP]: "Re: Service accounts best practices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 22 Jun 2005 08:27:45 -0700
The Security Monitoring and Attack Detection Planning Guide
http://www.microsoft.com/technet/security/topics/auditingandmonitoring/securitymonitoring/default.mspx
I like this one too. It tells you what Event ID's to look for and what to
skip.
"Roger Abell" <mvpNOSpam@asu.edu> wrote in message
news:uoBjatvdFHA.2212@TK2MSFTNGP14.phx.gbl...
> Yes, I believe the MS.com links went live Friday night.
> There is one more that may be of interest, dealing with making
> admin access to servers happen only with smart card login (even
> when that is the only use of smart cards in an infrastructure).
>
> --
> Roger Abell
> Microsoft MVP (Windows Security)
>
> "Ferdie" <ferdie@sand.rr.com> wrote in message
> news:eCsrZ4qdFHA.2664@TK2MSFTNGP15.phx.gbl...
>> Thanks for the links. FYI - I just saw these links on the GRC Security
>> forums.
>>
>> Looks like a good read.
>>
>> "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
>> news:OQA7ROhdFHA.2288@TK2MSFTNGP14.phx.gbl...
>> > Fredie,
>> >
>> > These are not going to cover that list, but may give some people
>> > some pause, if not food for thought.
>> >
>> > The Administrator Accounts Security Planning Guide
>> >
> http://www.microsoft.com/technet/security/topics/serversecurity/administratoraccounts/default.mspx
>> >
>> > The Services and Service Accounts Security Planning Guide
>> >
> http://www.microsoft.com/technet/security/topics/serversecurity/serviceaccount/default.mspx
>> >
>> > As I said, hot off the press, so I really have not had time to digest
>> > enough
>> > to be opinionated on these . . .
>> >
>> > --
>> > Roger Abell
>> > Microsoft MVP (Windows Server: Security)
>> >
>> >
>> > "Ferdie" <ferdie@sand.rr.com> wrote in message
>> > news:uvZOXebdFHA.584@TK2MSFTNGP15.phx.gbl...
>> >> Take your time.
>> >>
>> >> Some issues that I'll be looking for in the guide:
>> >>
>> >> Best way to give DB Admins access to Enterprise Admin.
>> >>
>> >> Best way to give Backup Operators access. We don't have the Backup
>> >> Operators group. We're using W2K native mode.
>> >>
>> >> Best way to allow service accounts local access without access to log
> on
>> >> locally.
>> >>
>> >> Best way to allow service accounts to copy files between multiple
>> >> servers.
>> >>
>> >> Best way to allow Admins access to C$ shares.
>> >>
>> >> Best way to monitor access using a privileged account.
>> >>
>> >>
>> >>
>> >> "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
>> >> news:OtQLxEadFHA.4040@TK2MSFTNGP14.phx.gbl...
>> >>> I'll try to give it a quick review today and forward link along
>> >>> (weekend :-)
>> >>>
>> >>> --
>> >>> Roger
>> >>
>> >>
>> >
>> >
>>
>>
>
>
- Next message: Jorge_de_Almeida_Pinto: "Re: Cryptography"
- Previous message: Roger Abell: "Re: People pinging on my computer after firewall installed, previously infected!"
- In reply to: Roger Abell: "Re: Service accounts best practices"
- Next in thread: Joe Richards [MVP]: "Re: Service accounts best practices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
