Re: FW: Checklist for securing Windows XP systems

["Weeks, Calvin W." <cweeks () OU EDU>]

We have used the NIST and the NSA guides over the past four years at the
University of Oklahoma and have found them to be very valuable to our
security efforts. We spent some time working with our public access
areas, labs, residential housing, and research community and have put
together a script that will automatically apply the NIST recommendations
to workstations. This version is our public version that we distribute
too our non-university owned workstations and you are welcome to use as
you wish:

 

http://security.ou.edu/distribution/OU_BP_Security_Scripts_2.exe 

Hash Value:  bca4ef56f26e1e44d6082ab7416dfb7b

 

Please, test on a non production machine before using and pay attention
to comments when you run the script. This can be applied to Win 2000
Pro/Server, Win XP, and Win 2003; however we have found that you should
always apply the security settings manually on servers and we only use
this script for workstations. We are working on customizing scripts that
will work for servers, but you have to make a script for each type of
server that you have (i.e., webserver, file/print server, Domain
controller, DNS, DHCP, etc.)

 

If you of you have any questions you may contact myself or Jason Britton
(fulco () ou edu) and please, give us feedback for improvements to the
script.

 

Calvin Weeks, EnCE, CISSP, CISM

Director, OU Cyber Forensics Lab

University of Oklahoma

Phone:  405-325-8334

http://cfl.ou.edu <http://cfl.ou.edu/> 

http://security.ou.edu <http://security.ou.edu/> 

 

 

 

________________________________

From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ken Shaurette
Sent: Thursday, July 29, 2004 8:10 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] FW: Checklist for securing Windows XP systems

 

Subject:        Checklist for securing Windows XP systems 

This may be of interest to your organizations if you have not already
become aware of it. 

The National  Institute of Standards and Technology Information
Technology  Laboratory Computer Security Division last month published
the draft of a document to help IT professionals secure Windows XP
systems.

The document is "Guidance for Securing Microsoft Windows XP Systems for
IT Professionals: A NIST Security Configuration 

Checklist - Special Publication 800-68" You can find it  at:
http://csrc.nist.gov/itsec/guidance_WinXP.html
<http://csrc.nist.gov/itsec/guidance_WinXP.html>  

"SP 800-68" comes in a ZIP file with a 147-page PDF file and 
four template files. The template files offer reference 
materials and suggested user-profile settings for: 

  * Small-office/home-office systems (small, informal, 
  stand-alone). 
* Large enterprises (managed, structured, well-staffed). 
* High-security systems (at risk of attack or data exposure, 
  critical systems; may be subset of other environments). 
* Legacy systems (older, outdated communications modalities). 

SP 800-68 provides (quoting from the executive summary and 
adding bullets): 

  * Detailed information about the security of Windows XP. 
* Security configuration guidelines for popular applications. 
* Security configuration guidelines for the Windows XP operating 
  system. 
* Methods that system administrators can use to implement each 
  security setting recommended. 
  
Chapters include: 

  * Windows XP Security Guide Development 
* Windows Security Components Overview 
* Installation, Backup and Patching 
* Overview of the Windows XP Security Policy Configuration and 
  Templates 
* NIST Windows XP Template Settings Overview 
* Additional Windows XP Configuration Guidance 
* Application Specific Security Configuration Guidance 

Appendices include information on the NIST security template 
settings, information on Windows XP Service Pack 2, Release 
Candidate 2, commonly used TCP/IP ports on Windows XP systems, 
tools, resources and acronyms. 

Ken 
------ 

Ken M. Shaurette, CISSP, CISA, CISM 
kmshaurette () mpccorp com 
Information Security Solutions Manager 
MPC Security Solutions 
<www.mpcscorp.com <file:///\\www.mpcscorp.com> >  or <www.buympc.com
<file:///\\www.buympc.com> > 
(262) 523-3300 x60486 
FAX  262-523-3333 
------ 
National Security Awareness Day - September 10, 2004 - Are you aware? 
------ 
******************************************** 
 This email and any files transmitted with it are confidential and are
intended solely for the use of the individual or entity to whom they are
addressed. This communication may represent the originator's personal
views and opinions, which do not necessarily reflect those of MPC
Security Solutions.

  
If you have received this email in error, further dissemination,
forwarding, printing or copying of this email is prohibited, please
notify the sender and delete this email and destroy any hard copy.  

******************************************** 





Disclaimer: 29/7/2004

MPC Computers is providing the following information in compliance with
federal regulations:
 
MPC Computers, LLC
906 E. Karcher Road
Nampa, Idaho 83687
1-888-224-4247
http://www.mpccorp.com <http://www.mpccorp.com> 

If you wish to unsubscribe to all e-mail communications with MPC, please
click on the link below.  
http://www.mpccorp.com/email/unsubscribe.html
<http://www.mpccorp.com/email/unsubscribe.html> 

********** Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.