FW: Checklist for securing Windows XP systems

[Ken Shaurette <kmshaurette () MPCCORP COM>]

Subject:        Checklist for securing Windows XP systems

This may be of interest to your organizations if you have not already become aware of it.

The National  Institute of Standards and Technology Information Technology  Laboratory Computer Security Division last 
month published the draft of a document to help IT professionals secure Windows XP  systems.

The document is "Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration 
Checklist - Special Publication 800-68" You can find it  at: http://csrc.nist.gov/itsec/guidance_WinXP.html

"SP 800-68" comes in a ZIP file with a 147-page PDF file and 
four template files. The template files offer reference 
materials and suggested user-profile settings for:

  * Small-office/home-office systems (small, informal, 
    stand-alone). 
  * Large enterprises (managed, structured, well-staffed). 
  * High-security systems (at risk of attack or data exposure, 
    critical systems; may be subset of other environments). 
  * Legacy systems (older, outdated communications modalities).

SP 800-68 provides (quoting from the executive summary and 
adding bullets):

  * Detailed information about the security of Windows XP. 
  * Security configuration guidelines for popular applications. 
  * Security configuration guidelines for the Windows XP operating 
    system. 
  * Methods that system administrators can use to implement each 
    security setting recommended. 
    
  Chapters include:

  * Windows XP Security Guide Development 
  * Windows Security Components Overview 
  * Installation, Backup and Patching 
  * Overview of the Windows XP Security Policy Configuration and 
    Templates 
  * NIST Windows XP Template Settings Overview 
  * Additional Windows XP Configuration Guidance 
  * Application Specific Security Configuration Guidance

Appendices include information on the NIST security template 
settings, information on Windows XP Service Pack 2, Release 
Candidate 2, commonly used TCP/IP ports on Windows XP systems, 
tools, resources and acronyms.

> Ken
> ------
>
> Ken M. Shaurette, CISSP, CISA, CISM
> kmshaurette () mpccorp com
> Information Security Solutions Manager
> MPC Security Solutions 
> <www.mpcscorp.com>  or <www.buympc.com>
> (262) 523-3300 x60486
> FAX  262-523-3333
> ------
> National Security Awareness Day - September 10, 2004 - Are you aware?
> ------
> ********************************************
>  This email and any files transmitted with it are confidential and are intended solely for the use of the individual 
> or entity to whom they are addressed. This communication may represent the originator's personal views and opinions, 
> which do not necessarily reflect those of MPC Security Solutions.
>  
> If you have received this email in error, further dissemination, forwarding, printing or copying of this email is 
> prohibited, please notify the sender and delete this email and destroy any hard copy.  
> ********************************************

Disclaimer: 29/7/2004

MPC Computers is providing the following information in compliance with federal regulations:
 
MPC Computers, LLC
906 E. Karcher Road
Nampa, Idaho 83687
1-888-224-4247
http://www.mpccorp.com

If you wish to unsubscribe to all e-mail communications with MPC, please click on the link below.  
http://www.mpccorp.com/email/unsubscribe.html


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.