Firewall Wizards mailing list archives
Re: How to Secure Windows? was How to Save the World
From: "Dave Piscitello" <dave () corecom com>
Date: Mon, 20 Dec 2004 09:19:07 -0500
If you want a cheat sheet - or a template on which to baseline what your organization ultimately decides is its security policy - then visit the Center for Internet Security (cisecurity.org), download the security benchmarking tool and dozen or so templates, and RTFM that accompanies it. Basically, using Active Directory and group policy object definition, you can lock down W2K or XP very nicely based on these templates, including services, file system, local administration, IE settings, auditing/event logging and more. You can also develop policy for locking down internet-facing servers on Win2000 and W2k3. If you're not running AD, you can apply the same template as a local security policy using secpol.msc or create a Group template and apply it to individual systems using the group policy msc. If you want the 1000-word abstract versions, visit my Windows 2000 resources page at http://hhi.corecom.com/windowsxpresources.htm FWIW, I use the NSA gold template on a windows 2000 laptop, locked down everything recommended and tried like hell to break into the box with no success (perhaps more an indication of my pen-testing limitations and the power of a paranoid security policy than Windows security, but...) On 13 Dec 2004 at 11:42, MHawkins () TULLIB COM wrote:
All I want to do is have a standard cheat sheet to lock down the machine so that all those exe's that I don't want to run - CAN'T - and all those exe's that I do want to let run - CAN - but only under their own account and only in their own volume space! Is that too much to ask?
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- How to Secure Windows? was How to Save the World MHawkins (Dec 13)
- Re: How to Secure Windows? was How to Save the World Devdas Bhagat (Dec 13)
- Re: How to Secure Windows? was How to Save the World Kevin Sheldrake (Dec 14)
- Re: How to Secure Windows? was How to Save the World Dave Piscitello (Dec 21)
- Re: How to Secure Windows? was How to Save the World Paul D. Robertson (Dec 23)
- Re: How to Secure Windows? was How to Save the World Dave Piscitello (Dec 26)
- Re: How to Secure Windows? was How to Save the World Paul D. Robertson (Dec 27)
- Re: How to Secure Windows? was How to Save the World Barney Wolff (Dec 26)
- Re: How to Secure Windows? was How to Save the World Paul D. Robertson (Dec 27)
- Re: How to Secure Windows? was How to Save the World Paul D. Robertson (Dec 23)
- Re: How to Secure Windows? was How to Save the World Mark (Dec 26)
- Re: How to Secure Windows? was How to Save the World Paul D. Robertson (Dec 27)
- Re: How to Secure Windows? was How to Save the World Devdas Bhagat (Dec 13)
- <Possible follow-ups>
- Re: How to Secure Windows? was How to Save the World Keith A. Glass (Dec 13)