Full Disclosure mailing list archives
Re: Useless tidbit (MS AntiSpyware)
From: Valdis.Kletnieks () vt edu
Date: Thu, 12 May 2005 02:05:23 -0400
On Wed, 11 May 2005 11:30:46 PDT, Kurt Buff said:
If one [or more] of you on the list could be so kind to indicate a [many] resource[s] that lame hamstung admins would be wise to follow as guidlines to secure Windows systems.. it would be so much more productive. espcially for those lazy a$$ admins who may overlook the single [or multiple] missed step that lets them become owned, hacked, infected, unpatched, bugged, spewing, spamming, bots, rooted .... [I am sure to have skipped a few important ones] ;-P steveGoogle is your friend - start with 'NSA security guidelines windows'.
I'll add in the Center for Internet Security benchmarks: http://www.cisecurity.org It covers a lot of the same stuff as the NSA guidelines (which were used as one of the inputs). Benefits: (1) I don't know if the NSA stuff has been updated for XP, and (2) the CIS stuff includes a scoring tool which will let you know which things you've not tightened down. XP SP2, current patches, and either/both of the NSA/CIS kits - I will *not* guarantee that it's bulletproof secure, but at least the box won't be sitting there with a 'HAX0R ME N0W' sign on it. (No, I didn't work on the CIS Windows stuff, but I'll take at least partial blame for the Solaris/Linux/AIX ones)
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Useless tidbit (MS AntiSpyware) Steven Rakick (May 10)
- RE: Useless tidbit (MS AntiSpyware) Nick FitzGerald (May 10)
- Re: Useless tidbit (MS AntiSpyware) James Tucker (May 10)
- RE: Useless tidbit (MS AntiSpyware) Randall M (May 11)
- Re: Useless tidbit (MS AntiSpyware) byte busters (May 11)
- Re: Useless tidbit (MS AntiSpyware) Kurt Buff (May 11)
- Re: Useless tidbit (MS AntiSpyware) Valdis . Kletnieks (May 11)
- RE: Useless tidbit (MS AntiSpyware) Nick FitzGerald (May 10)
- <Possible follow-ups>
- Re: Useless tidbit (MS AntiSpyware) Des Ward (May 12)