Security Basics mailing list archives

RE: Setting up secure windows xp network

From: "wjnorth" <wjnorth () earthlink net>
Date: Wed, 28 May 2003 12:16:24 -0700

I personally would check out a few different Windows hardening
resources:

http://www.nsa.gov/snac/index.html for NSA snac guides (NOTE: I would
take extreme care and caution when utilizing these guides, as they are
known to break systems very easily).

http://www.systemsexperts.com/literature.html systems experts have some
good guidance

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/prodtech/windows/secwin2k/default.asp And you can always rely on MS
to provide you with quite a bit of fluff, but there's still some good
info there as well.

When hardening using the Windows templates from NSA, I would caution you
to make sure you do a full analysis on what it will lock down, you'll
end up finding out later on that some of the services (i.e. COM+, WMI
etc) are needed for certain applications.

As far as a software based firewall, I did a trade analysis on
host-based firewalls a few weeks back, and Norton personal firewall
stood out to be a very good app. Only problem is it has more granular
control then say (BlackICE, McAfee, Tiny Firewall, Zone Alarm, Sygate
etc. etc.). You may find it a bit more difficult to control, however,
once you understand it, it is actually a very effective firewall, and
even has built-in IDS rules that can be used. You just have to figure
out how to use it. ;-)

-Wesley North
Senior Information Systems Security Engineer
BAE SYSTEMS, MISSION SOLUTIONS
wesley.north () baesystems com

-----Original Message-----
From: James Taylor [mailto:james_n_taylor () yahoo com] 
Sent: Tuesday, May 27, 2003 5:39 PM
To: 'SML'; security-basics () securityfocus com
Subject: RE: Setting up secure windows xp network


Hi Anna,

This will be considered a bit of a crappy solution by most
sec professionals, but for your network and, sorry if this
is incorrect, level of perceived expertise, it might be suitable. You do
need some protection that you can easily manage. I suspect that both
Norton and Mcaffee would work, but need a level of tweaking though.

Who not look at the commercial versions of Zone Alarm? Then just modify
the outgoing traffic to allow what traffic you want and add your
(external?) mail and DNS servers to the 'trusted zones". It's not great
but you should be able to scan yourself (scan.sygate.com) and find
yourself protected. There is a wealth of information and help through
the Zone Labs forums. You might also want to load Zone Alarm (not the
free version) on the individual workstations.

Then run the MS Baseline Security Analyser to check and recommend
tightening the gateway.
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/Secur
ity/tools/tools/MBSAHome.ASP

Regards
James

--- Lachlan McGill <Lachlan.McGill () au logical com> wrote:

As a very simple method, you can try just blocking ports
on the network card
level in its TCP/IP properties. This is very simple and
also not necessarily
the most secure.

You should be able to get some success with third party
apps such as
Nortons, Mcafee and Zone Alarm. Its just a matter of configuring them
properly to suit your setup. 


-----Original Message-----
From: SML [mailto:sml () ukf net]
Sent: Friday, 23 May 2003 12:57 AM
To: security-basics () securityfocus com

Hello list.
I'm in the process of securing Windows xp prof network, consisting of 
5 computers.
We use "workgroup" configuration.
Also the computers are conected to internet through
windows 2000 gateway
computer with 2 network cards, where one card connects to
ADSL router. NAT
software is in place on the gateway.
I'd much appreciate if somebody could point me to the
internet recourses, or
give advise on how to make the most of windows own
security features,
policies etc. Also what software firewall could we use on
the gateway, since
after trying norton and mcaffe firewals, we couldn't
access the intrenet.

Thanks,
Anna

------------------------------------------------------------------------
---

Thinking About Security Training? You Can't Afford Not
To!

Vigilar's industry leading curriculum includes:  Security
+, Check Point,
Hacking & Assessment, Cisco Security, Wireless Security & more! 
Register Now!
--UP TO 30% off classes in select cities--
http://www.securityfocus.com/Vigilar-security-basics

------------------------------------------------------------------------
----

------------------------------------------------------------------------
---

------------------------------------------------------------------------
----



__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com

------------------------------------------------------------------------
---
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Setting up secure windows xp network SML (May 22)
- RE: Setting up secure windows xp network Manuel Fernandes (May 23)
- <Possible follow-ups>
- Re: Setting up secure windows xp network Chris R (May 23)
  - Re: Setting up secure windows xp network Kenzo (May 26)
- Re: Setting up secure windows xp network m g (May 23)
- RE: Setting up secure windows xp network Lachlan McGill (May 27)
  - Re: Setting up secure windows xp network Danny (May 28)
  - RE: Setting up secure windows xp network James Taylor (May 28)
  - Setting up secure windows xp network SML (May 29)
    - Re: Setting up secure windows xp network James Taylor (May 30)
- RE: Setting up secure windows xp network wjnorth (May 29)
- Re: Setting up secure windows xp network Chris Berry (May 29)