Re: How to Harden Public MS 2K3 DNS?

From: Deji Akomolafe (noemail_at_akomolafe.dotcom)
Date: 08/31/05

Next message: Doug Knox MS-MVP: "Re: Tweak UI - Password encryption and autologon"
Previous message: Technophobe: "Re: Spyware/Adware"
In reply to: Fred Yarbrough: "Re: How to Harden Public MS 2K3 DNS?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 31 Aug 2005 01:11:59 -0700

Something like this:
http://www.akomolafe.com/Portals/1/Docs/guide_to_securing_microsoft_windows_2000_dns.pdf
?

-- 
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about 
Yesterday?  -anon
"Fred Yarbrough" <fcyarbrough@yahoo.com> wrote in message 
news:eCClzmNrFHA.716@TK2MSFTNGP10.phx.gbl...
> Thanks for the reply Carey.  I have read most of these documents and was
> hoping to find something more detailed.  I will probably start with the
> Bastion Host Security Template and then tweak it.  The NSA has pretty good
> documents for DNS hardening but it is for W2K and not for W2K3.
>
>
>
> Thanks,
> Fred
>
>
>
> "Carey Frisch [MVP]" <cnfrisch@nospamgmail.com> wrote in message
> news:eGJEcjMrFHA.2592@TK2MSFTNGP09.phx.gbl...
>> Microsoft® Windows® Security Resource Kit
>> http://www.microsoft.com/mspress/books/6418.asp
>>
>> Windows Server 2003 Security Guide
>>
> http://www.microsoft.com/technet/security/prodtech/windowsserver2003/w2003hg/sgch00.mspx
>>
>> Service Management Functions
>> http://www.microsoft.com/technet/itsolutions/cits/mo/smf/mofsmsmf.mspx
>>
>> How Microsoft Does IT
>> http://www.microsoft.com/technet/itsolutions/msit/default.mspx
>>
>> -- 
>> Carey Frisch
>> Microsoft MVP
>> Windows XP - Shell/User
>> Microsoft Newsgroups
>>
>> --------------------------------------------------------------------------
> -----------------
>>
>> "Fred Yarbrough" wrote:
>>
>> | We are looking at replacing our UNIX Public DNS servers with Microsoft
> W2K3
>> | DNS servers.  these servers will not be doing anything but Static DNS
> for
>> | our external name space.  Does anyone know of an article or paper that
> talks
>> | about hardening or bastionizing a Windows 2K3 DNS server for public
>> | exposure?
>> |
>> |
>> | Thanks,
>> | Fred
>>
>
>

Next message: Doug Knox MS-MVP: "Re: Tweak UI - Password encryption and autologon"
Previous message: Technophobe: "Re: Spyware/Adware"
In reply to: Fred Yarbrough: "Re: How to Harden Public MS 2K3 DNS?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: lose "www."
... or machines within a network. ... running UNDER the microsoft domain. ... DNS servers to the IP addresses of those machines. ... > Microsoft MVP - FrontPage ...
(microsoft.public.frontpage.programming)
Re: DNS fowarding test
... It will be fowarding to my ISP's DNS servers on the external ... Microsoft MVP - Directory Services ... Instead of the website you're using, I suggest to use OEx (Outlook Express ...
(microsoft.public.windows.server.dns)
Re: Exam 70-291
... :-( I can't complete the Troubleshooting Lab ... on s.4-61 of the Chapter 4 "Configuring DNS Servers and Clients" of ... Implementing, Managing, and Maintaining a Microsoft Windows Server ... The zone name must be the exact same as the AD DNS name ...
(microsoft.public.windows.server.dns)
Re: Public dns server
... Do you remember the address of your ISP's DNS servers, ... Microsoft MVP - Directory Services ... Instead of the website you're using, I suggest to use OEx (Outlook Express ... Infinite Diversities in Infinite Combinations ...
(microsoft.public.windows.server.dns)
Re: Event ID: 5504
... Has anyone actually tried the hotfix that is referenced in kb838969? ... called Microsoft and got the hotfix but I am very hesitant to install it ... DNS servers should never attempt to resolve this host name ... >> Please direct all replies ONLY to the Microsoft public newsgroup so all ...
(microsoft.public.win2000.dns)