Security Basics mailing list archives
RE: Harden a windows network
From: bsec <bsec () cotse net>
Date: Wed, 31 Dec 2003 16:38:29 -0500 (EST)
Check out SANS Securing Windows 2000: Step-by-step guide: https://store.sans.org/store_item.php?item=22 Several of the items are applicable to other versions of Windows, not just W2K. Best luck, -Brett
"Simon and Sara Zuckerbraun" <szucker () rcn com> 12/30/2003 7:03:50 PM >>>
I'm sure that there are a great many hardening steps which would provide an even greater level of defense... Two I can think of off the top of my head is to examine the following security options on each machine: "Additional restrictions for anonymous connections" - set to "no access without explicit anonymous permissions" "LAN Manager authentication level" - set to "Send NTLM response only" or stronger You can find both of these in Local Security Policy. (Exact names may vary a bit depending on which version of Windows you're running.) Perhaps someone else on this list can recommend a resource with a comprehensive list of such steps? Simon szucker () rcn com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Harden a windows network John McCracken (Jan 02)
- <Possible follow-ups>
- RE: Harden a windows network bsec (Jan 02)