Security Basics mailing list archives
Re: Locking down workstation
From: "Dana Epp" <dana () vulscan com>
Date: Wed, 11 Jun 2003 08:10:55 -0700
Here is a good start for you on some resources to assist you in hardening your workstation(s). The NSA released some unclassified documents on ways to reduce the attack surface of you Microsoft based operating systems. I found the Windows XP and 2000 guides a good starting point if you are wanting to "button down the hatches" for those platforms. The documents are clear and concise and step through a lot of different aspects. You can find the index at: http://www.nsa.gov/snac/, or go directly to the Windows XP Guide at: http://www.nsa.gov/snac/winxp/download.htm If you are using Linux or Mac OSX, consider taking a look at something like Bastille. They have scripts that can harden your distribution in just a few steps. You can get more information at: http://www.bastille-linux.org/ Short of that, consider using least privilege, and consider what you MUST have running. If you are not sure, turn it off. You will find out quick enough if it's something that should be turned on. *lol* Good luck. Happy hardening. --- Regards, Dana M. Epp ----- Original Message ----- From: "Mada Dulate" <madadulate () hotmail com> To: <security-basics () securityfocus com> Sent: Tuesday, June 10, 2003 2:04 PM Subject: Locking down workstation
hey all, I've learned a lot from this list (thank you) but I've tried to lurk a
bit,
expected this issue to come up before I posted. Time's up. Firewalls are certainly a good practice, hopefully getting better, but if I'm really concerned with security and as a responsible netizen looking to stem the spread of disease, don't I want to do the best I can to close up unused ports and services on every destop in my network. I admit I don't really know the implications of this from an
administrator's
point of view, and I don't know how to audit this, but the reading I've stumbled on is very directed at server strategy. This is more to open a discussion than a personal request. All responses can be directed to the list. Thanks! Mada _________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail --------------------------------------------------------------------------
-
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm --------------------------------------------------------------------------
--
--------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- Re: Locking down workstation, (continued)
- Re: Locking down workstation Jimi Thompson (Jun 11)
- Scanner Software Question Louie (Jun 11)
- RE: Scanner Software Question Marc Maiffret (Jun 11)
- RE: Scanner Software Question Louie (Jun 12)
- Re: Scanner Software Question compguruman (Jun 17)
- RE: Scanner Software Question security (Jun 17)
- RE: Scanner Software Question James L. Harrison (Jun 17)
- RE: Scanner Software Question Marc Maiffret (Jun 11)
- RE: Locking down workstation Des Ward (Jun 11)
- Re: Locking down workstation James (Jun 11)
- RE: Locking down workstation dave (Jun 11)
- Re: Locking down workstation Dana Epp (Jun 11)
- Re: Locking down workstation Brad Mills (Jun 11)
- Re: Locking down workstation Chris Berry (Jun 11)
- RE: Locking down workstation Thomas F Parham (Jun 11)
- RE: Locking down workstation David Gillett (Jun 11)
- Re: Locking down workstation Paul Pepper (Jun 11)