Re: How to Secure Windows? was How to Save the World

["Paul D. Robertson" <paul () compuwar net>]

On Mon, 20 Dec 2004, Dave Piscitello wrote:

> If you want a cheat sheet - or a template on which to baseline what
> your organization ultimately decides is its security policy - then
> visit the Center for Internet Security (cisecurity.org), download the
> security benchmarking tool and dozen or so templates, and RTFM that
> accompanies it.

That _would_ be useful, if it weren't for the fact that I can only use it
on a single computer.  If, I wanted to use their tools as a consultant,
it'd cost me $11,000 per year!  While that might be ok for E&Y, it's a
little steep for PDR ;)

> Basically, using Active Directory and group policy object definition,
> you can lock down W2K or XP very nicely based on these templates,
> including services, file system, local administration, IE settings,
> auditing/event logging and more. You can also develop policy for
> locking down internet-facing servers on Win2000 and W2k3. If you're
> not running AD, you can apply the same template as a local security
> policy using secpol.msc or create a Group template and apply it to
> individual systems using the group policy msc.
>
> If you want the 1000-word abstract versions, visit my Windows 2000
> resources page at http://hhi.corecom.com/windowsxpresources.htm

Any idea if you can make Windows *not* dynamically accept ARP entires and
rely only on static entries in the table?

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards