RE: Harden a windows network

[bsec <bsec () cotse net>]

Check out SANS Securing Windows 2000: Step-by-step guide:

https://store.sans.org/store_item.php?item=22

Several of the items are applicable to other versions of Windows, not just
W2K.

Best luck,
-Brett

> > > "Simon and Sara Zuckerbraun" <szucker () rcn com> 12/30/2003 7:03:50 PM >>>
I'm sure that there are a great many hardening steps which would provide an
even greater level of defense...

Two I can think of off the top of my head is to examine the following
security options on each machine:

"Additional restrictions for anonymous connections" - set to "no access
without explicit anonymous permissions"

"LAN Manager authentication level" - set to "Send NTLM response only" or
stronger

You can find both of these in Local Security Policy. (Exact names may vary a
bit depending on which version of Windows you're running.)

Perhaps someone else on this list can recommend a resource with a
comprehensive list of such steps?

Simon
szucker () rcn com







---------------------------------------------------------------------------
----------------------------------------------------------------------------