Re: Program to Walk Through Securing Windows 2000 Box

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 04/08/05

    Date: Fri, 8 Apr 2005 00:36:57 -0500
    
    

    The hisecws.inf security template does not change any registry permissions.
    You can see exactly what a security template changes by viewing it or any
    security template in the Security Configuration and Analysis tool. A
    security template will not change permissions on the entire registry - just
    those parts that may be deemed as being sensitive. Too restrictive registry
    settings may break things depending on configuration needs. There are also
    other security templates available from places like NSA that you can use if
    they suit your needs. Be sure to thoroughly test out any template that you
    apply to make sure that the computer is still at the functional level you
    need it to be for users, applications, remote management. --- Steve

    http://nsa1.www.conxion.com/win2k/index.html --- NSA link

    "Will" <DELETE_westes@earthbroadcast.com> wrote in message
    news:-6ednRtTUJ2ojsvfRVn-jg@giganews.com...
    > This seems like an instruction on how to do the work myself from scratch.
    > Does the default hisecws.inf security template change permissions on the
    > entire registry? It only takes but a second to load, which I assume means
    > it barely touches the registry.
    >
    > I'm not looking to explore by hand 100,000 registry entries and try to
    > figure out on my own which ones can or should be secured. I'm trying to
    > find some reg file that already incorporates that hard work and just needs
    > to be applied.
    >
    > --
    > Will
    >
    >
    > "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    > news:#EFzSh$OFHA.3356@TK2MSFTNGP12.phx.gbl...
    >> You can use a security template to apply registry permissions. A reg file
    >> would be used to configure a registry setting. You can also add custom
    >> registry settings to security policy options as explained in the link below.
    >> Be sure to test any changes on a test computer first before trying to roll
    >> out. --- Steve
    >>
    >> http://support.microsoft.com/default.aspx?scid=214752
    >>
    >> "Will" <DELETE_westes@earthbroadcast.com> wrote in message
    >> news:YtSdnapqJ74ST8jfRVn-qg@giganews.com...
    >> > Is there any reg file that automates securing of the default registry for
    >> > hi security machines? There are way too many registry entries that seem to
    >> > have very permissive security settings, by default.
    >> >
    >> > --
    >> > Will
    >> >
    >> >
    >> >
    >>
    >>
    >
    >
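
Added example, not part of the original posts: a security template is a plain-text .inf file, so the registry keys whose permissions it would set can be listed by reading its [Registry Keys] section, which is separate from the [Registry Values] section that holds settings. The template text below is constructed for illustration and is not the contents of hisecws.inf; the key names ExampleVendor and ExampleSvc are hypothetical.

```python
import csv

# Mode field of a [Registry Keys] entry, as offered in the Security Templates snap-in.
MODES = {
    "0": "set on key, propagate inheritable permissions to subkeys",
    "1": "do not allow permissions on this key to be replaced",
    "2": "replace permissions on all subkeys with inheritable permissions",
}

# Constructed sample, NOT the contents of hisecws.inf or any shipped template.
SAMPLE_TEMPLATE = r'''
[Unicode]
Unicode=yes
[Version]
signature="$CHICAGO$"
Revision=1
[Registry Values]
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,1
[Registry Keys]
; constructed entries for illustration
"MACHINE\SOFTWARE\ExampleVendor",2,"D:PAR(A;CI;KA;;;BA)(A;CI;KA;;;SY)(A;CI;KR;;;BU)"
"MACHINE\SYSTEM\CurrentControlSet\Services\ExampleSvc",0,"D:AR(A;CI;KA;;;BA)(A;CI;KR;;;AU)"
'''

def registry_key_entries(text):
    """Return (key, mode, sddl) for every entry in the [Registry Keys] section."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or .inf comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "registry keys":
            fields = next(csv.reader([line]))  # "path",mode,"SDDL"
            if len(fields) == 3:
                entries.append(tuple(f.strip() for f in fields))
    return entries

def summarize(text):
    """One readable line per registry key whose ACL the template would set."""
    return [f"{key}: {MODES.get(mode, 'unknown mode ' + mode)} -> {sddl}"
            for key, mode, sddl in registry_key_entries(text)]

if __name__ == "__main__":
    # Assumption: a real template is normally saved as Unicode, so read it
    # with open(path, encoding="utf-16").read() before passing it in.
    for line in summarize(SAMPLE_TEMPLATE):
        print(line)
```

An empty result means the template sets no registry key permissions, even if it has [Registry Values] entries.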

