Sign in with
Sign up | Sign in
Your question

Security Relevant Dirs/Files

Last response: in Windows 2000/NT
Share
February 14, 2005 5:27:32 AM

Archived from groups: microsoft.public.win2000.security (More info?)

I'm currrently writing a document for our IT dept and I need a little
assistance on win200/XP/2003 SBS security relevant files and directories
within the OS. At first I said ok sure I'll take care of this and
established pretty much the whole C: drive. Like most security issues you
run into barriers that make you formulate a well rounded medium (EX.
disconnecting the server from the network makes the machine virtually
"untouchable" from the outside" but its just not feasible) I was hoping to
come across a "checklist" of somesort...I've looked and searched till I'm
blue in the face to no avail. TIA

- Justin

P.S. Linux is the next project
Anonymous
a b 8 Security
February 15, 2005 1:16:48 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Windows XP and Windows 2003 already have fairly secure default ntfs
permissions which is adequate for most situations unless you are going to
built a bastion host. I would be more concerned about unneeded services
running, password policy, possibly host based firewall implementation with
XP SP2, antivirus protection, security policy, and patch management for
critical updates. Windows 2000 does not have as secure default ntfs
permissions as XP/2003 but you can use XP/2003 as a model for Windows 2000.
The free Windows 2003 Sever Security Guide and the Threats and
Countermeasures Guide would be good places for you to read about securing
all aspects of the operating system. --- Steve

http://www.microsoft.com/technet/security/prodtech/wind... --
those guides and more available here
http://www.infosec.uga.edu/windows.html -- more security guidance.


"Justin" <jtmitch@comcast.net> wrote in message
news:uecSlamEFHA.624@TK2MSFTNGP09.phx.gbl...
> I'm currrently writing a document for our IT dept and I need a little
> assistance on win200/XP/2003 SBS security relevant files and directories
> within the OS. At first I said ok sure I'll take care of this and
> established pretty much the whole C: drive. Like most security issues you
> run into barriers that make you formulate a well rounded medium (EX.
> disconnecting the server from the network makes the machine virtually
> "untouchable" from the outside" but its just not feasible) I was hoping to
> come across a "checklist" of somesort...I've looked and searched till I'm
> blue in the face to no avail. TIA
>
> - Justin
>
> P.S. Linux is the next project
>
>
>
February 15, 2005 8:12:23 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Thanks Steve,

But...I'm all to familiar with those checklists and yes I too believe
services, patches, clog the the USB ports with dirt, etc is a lil bit more
of a concern.
!