Bugtraq mailing list archives

Windows 2000 Internet Server Security Configuration Tool

From: secure () MICROSOFT COM (Microsoft Security Response Center)
Date: Fri, 24 Mar 2000 10:59:20 -0800


-----BEGIN PGP SIGNED MESSAGE-----

Hi All -

Microsoft is pleased to announce that version 1.0 of the Windows 2000
Internet Server Security Configuration Tool is available for download
and use.  The tool makes it easy to secure a web server running IIS
5.0.  It conducts an interview to determine what services you want to
provide and the general way that you'd like for the server to operate,
then generates and deploys a policy to configure the server
appropriately.

The tool is available for download at
http://www.microsoft.com/technet/security/tools.asp.  Before using the
tool, please be sure to read the Readme file included with it. The
tool errs on the side of caution, and locks down many aspects of the
system. It's important that you understand the effects this can have
before deciding whether to lock down your server.

We will be developing an advanced version of the tool, and also are
deploying more security checklists.  All of these can be downloaded
from http://www.microsoft.com/technet/security/tools.asp.  Regards,

Secure () microsoft com

___________________________
PGP key is available at
http://www.microsoft.com/technet/security/MSRC.asc

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2

iQEVAwUBONu7A40ZSRQxA/UrAQEcXQf+NBO/4aCNguOu1y1iquAWhpzrIxFItKP+
+ZrRSvHvfhK1mJPPgcs3knMInJ42mXiBXTN8miZhDA7aknncWXrQlZbx2kj0WIoJ
GMPiO5Kk25HXBwsitUee/Ll11in3Mjuy2G1nlL3gkJI83MgEFWFzIAn9S7N+vsEe
tOJOCn1rQm8+OuUeFrhJ26PJI0Ysd/Y8/+cevkbo/DzeHq6B05PZokVtgmruyGHF
pzM35AjpvikAa28UJiam5R2JM1voFcpKaoNlzlbAsKcQsI4PyyruWjxbNMDDDBzr
/WbDz2FF6G2dCE1bQlaTVS1ukesPOGoE6moPRqHDuZiuIEPB3I/adQ==
=yd4j
-----END PGP SIGNATURE-----

Current thread:

gpm-root egmont () FAZEKAS HU (Mar 22)
- Re: gpm-root ADAM Sulmicki (Mar 22)
  - Trend Micro releases Patch for "OfficeScan Unauthenticated CGI U sage" vulnerability Richard Sheng (Mar 22)
  - Re: gpm-root Koblinger Egmont (Mar 23)
  - Local Denial-of-Service attack against Linux Jay Fenlason (Mar 23)
    - Re: Local Denial-of-Service attack against Linux Michal Zalewski (Mar 24)
    - Re: Local Denial-of-Service attack against Linux dapozza (Mar 24)
    - Hide Drives does not work with OUTLOOK 98 - Summary of Answers (W InNT4) DeAvillez, Carlos (Mar 24)
    - Windows 2000 Internet Server Security Configuration Tool Microsoft Security Response Center (Mar 24)
    - Irix Objectserver remote exploit Marcy Abene (Mar 29)
    - New ZZ v1.2 Simple Nomad (Mar 29)
    - [RHSA-2000:008-01] ircii buffer overflow bugzilla () REDHAT COM (Mar 30)
    - Microsoft Security Bulletin (MS00-019) Microsoft Product Security (Mar 30)
    - Microsoft Security Bulletin (MS00-021) Microsoft Product Security (Mar 30)
    - Napster, Inc. response to Colten Edwards Elias Levy (Mar 30)
    - Cobalt apache configuration exposes .htaccess Paul Schreiber (Mar 30)
    - Re: Napster, Inc. response to Colten Edwards Danny Crawford (Mar 30)
    - Re: Napster, Inc. response to Colten Edwards Dylan Griffiths (Mar 30)
    - Alert: MS Index Server (CISADV000330) Cerberus Security Team (Mar 30)

(Thread continues...)