Securing windows 2000?

Dpk dpk@egr.msu.edu
Mon, 12 Nov 2001 17:25:23 -0500


On Mon, Nov 12, 2001 at 04:18:23PM -0500, Edward Glowacki wrote:

   Anyone know where to find a decent guide to securing a Windows 2000
   machine?  I've been online with the laptop in Windows a lot more
   lately, both at work and at home with the new cable modem, and I
   want to at least *try* to be somewhat secure... ;) Also, suggested
   tools such as firewalls and virus scanners would probably be a good
   idea.

Can't believe you did not consult securityfocus.com! I am including a
thread from a post made at the end of last month addressing this
topic.

Dennis


----- Original Message -----
From: Erik Birkholz <erik@foundstone.com>
To: "'Brad Judy '" <judy@colorado.edu>,
   "'John Minnella '" <JohnM@environics.ca>,
   "'focus-ms@securityfocus.com '" <focus-ms@securityfocus.com>
Subject: RE: Secure Windows 2000 pro/server
Date: Mon, 29 Oct 2001 17:29:28 -0800

Don't forget the one in Hacking Exposed Windows 2000.  It is the best one in
my obviously biased opinion.

--Erik


-----Original Message-----
From: Brad Judy
To: John Minnella; focus-ms@securityfocus.com
Sent: 10/29/2001 9:11 AM
Subject: RE: Secure Windows 2000 pro/server

There are a number of good write-ups.  Some of them are directed
toward Server, but most aspects of hardening are common between the
two.  Here are a few of the ones I have used:

"Windows 2000 Baseline Security Checklist" by Microsoft - there are
also Server and IIS versions of this document available.
http://www.microsoft.com/technet/security/tools/w2kprocl.asp

"Hardening Windows 2000" by Phil Cox - From the book "Windows 2000
Security Handbook" Phil Cox et al.
http://www.systemexperts.com/tutors/HardenW2K101.pdf

Windows 2000 Security Recommendations Guides by the National Security
Agency - directed toward federal agencies, but much is applicable to
other organizations.  Read the "Guide to Securing Microsoft Windows
2000 File and Disk Resources"
http://nsa2.www.conxion.com/win2k/download.htm

I like this guide from Yale as well - very similar to the one I am
writing for our campus.
http://www.yale.edu/its/security/Procedures/Securing/NT/w2k/

A couple of other decent ones:

Labmice.net
http://www.labmice.net/articles/securingwin2000.htm

ArsTechnica
http://arstechnica.com/tweak/win2k/security/begin-1.html

Most of these pages overlap greatly and some of them contradict each
other, but there are differences in opinion in all fields.  There are
many other resources for Windows 2000 security.  Out of the several
W2K security book I have worked with, I like "Windows 2000 Security
Handbook" by Phil Cox et al, and "Securing Windows NT/2000 Servers for
the Internet" by Stefan Norberg.  There is also a Windows 2000 reading
room at SANS (http://www.sans.org/infosecFAQ/win2000/win2000_list.htm)
with many good articles about various aspects of security in Windows
2000.

I hope this helps and was not too much information.

Brad Judy
Information Technology Services
University of Colorado at Boulder

> -----Original Message-----
> From: John Minnella [mailto:JohnM@environics.ca]
> Sent: Monday, October 29, 2001 7:50 AM
> To: focus-ms@securityfocus.com
> Subject: Secure Windows 2000 pro/server
>
>
> Hi,
> are there any good write ups on how to secure/harden Windows 2000 Pro?
>