Addressing
DoS Vulnerabilities
Last month, Microsoft published an article that
documents five registry modifications you can use
to reduce Windows 2000's TCP vulnerability to a
variety of Denial of Service (DoS) attacks. These
guidelines are appropriate for Win2K systems
connected to a WAN or to the Internet and for
sites that operate under strict security controls.
Source: Windows & .NET Magazine
Close the door on hackers--secure your network
An overview of simple procedures you can use to keep your data from falling into the wrong hands. Source: Windows NT Professional Magazine (July 1999)
Common Criteria for Information System Security Evaluation v. 2.0
Soon to be the new ISO standard
Default
Access Control Settings in Windows 2000
Describes the default security settings for
numerous components of Windows© 2000, including the registry
and file system as well as user rights and group membership.
Source: Microsoft TechNet
Defending
your Web Server
Article by Rik Farrow that takes a look at how insecure
applications and scripts expose Web servers to attack, and
explains how to batten down the hatches. Source: Microsoft
TechNet
Description of the Windows 2000 Resource Kit Security Tools
Microsoft Knowledge Base Article: 264178 - The Microsoft Windows 2000 Resource Kit contains a set of tools designed to give administrators the ability to modify or enhance the security in Windows 2000.
Description of Default Security Settings in Windows 2000
Microsoft Knowledge Base Article: 217050 - This article describes some of the default security settings in Windows 2000.
Determining
Windows 2000 Network Security Strategies

Sample Chapter 17 from the Windows 2000 Server
Deployment Planning Guide, Published by Microsoft Press. The
strategic use of security technologies to protect your company's
network connections to the Internet or other public networks is
discussed in this chapter. This chapter does not provide details
about how to install and use network security technologies.
Network architects involved in network security design and
system administrators involved with administering network
security need to read this chapter. As a prerequisite to
performing the tasks outlined in this chapter, you need to be
familiar with network and Internet technologies, such as
routing, network protocols, and Web serving
Distributed Denial of Service Defense Tactics
This paper details some practical strategies that can be used by system administrators to help protect themselves from distributed denial of service attacks as well as protect themselves from becoming unwitting attack nodes against other companies. Source: SimpleNomad
Downloading and Using the Security Configuration Manager Tool
Microsoft Knowledge Base Article: 245216 - You can use the Microsoft Security Configuration Tool set to configure security for a Windows NT-based or Windows 2000-based computer, and then perform periodic analysis of the computer to ensure that the configuration remains intact or to
make necessary changes over time. This tool set is also integrated with the Microsoft Windows Administration Change and Configuration Management tool to automatically configure policies on a large number of computers in the enterprise. (updated 8/29/2000)
Hardening Windows NT against Attack
By Paul E. Proctor, Windows NT Systems, January 1999
How to Secure Windows 2000 Professional in a Non-Domain Environment
Microsoft Knowledge Base Article: 269799 - This article describes how to use the local group policy to secure a Windows 2000 Professional workstation in a non-domain environment.
HOW TO: Add an Authorized Page Warning in Windows 2000
Microsoft Knowledge Base Article: 310115 - This article describes how to create an authorized page warning. By using Windows 2000 Group Policy, you can add a legal notice to users who attempt to gain access to your systems. The legal notice provides information about network
policies to users who log on to your systems. The notice also
includes information about possible incident handling for
unauthorized network usage. You can configure authorized page
warnings for site, domain, organization unit, or local group
policies.
HOW TO: Apply Predefined Security Templates
Microsoft Knowledge Base Article: 309689 - Windows 2000 includes several pre-defined security templates that you can apply to increase the level of security for computers that are running either Windows 2000 Professional or Windows 2000 Server. These security templates are plain text
that you manually edit by using text editor such as Notepad.
However, it is recommended that you use the Security Templates
Microsoft Management Console (MMC) to make changes to these
templates. This article describes how to apply predefined
security templates.
HOW TO: Apply Security Patches by Using Task Scheduler
Microsoft Knowledge Base Article: 314435 - This step-by-step articles describes how to apply security patches by using Task Scheduler. A member of the administrators group will have already identified and downloaded the security patches and created a script to run the patches that
are referred to in this article. A member of the administrators
group on a computer that is running Windows 2000 Server or
Advanced Server will complete all of the following procedures
How to: Configure a Certificate
Authority to Issue Smart Card Certificates in Windows 2000
Microsoft Knowledge Base Article: 313274 - This step-by-step
article describes how to configure a Certificate Authority to
issue smart card certificates
HOW TO: Configure Network Security for the SNMP Service
Microsoft Knowledge Base Article: 313381 - This step-by-step article describes how to configure network security for the Simple Network Protocol Service (SNMP).
HOW TO: Configure the Security for Windows 2000 Server That Uses Microsoft NNTP Service
Microsoft Knowledge Base Article: 302566 - This article describes how to configure the security to control who has access to specific newsgroups and who can operate Microsoft Network News Transfer Protocol (NNTP) Service. You can also restrict access on the basis of the client computer.
HOW TO: Configure Security for Files and Folders on a Network (Domain)
Microsoft Knowledge Base Article: 301195 - This step-by-step guide describes how to configure security for files and folders on a network to protect data from unauthorized
access.
HOW TO: Configure the Security for Windows 2000 Server That Uses Microsoft NNTP Service
Microsoft Knowledge Base Article: 302566 - This article describes how to configure the security to control who has access to specific newsgroups and who can operate Microsoft Network News Transfer Protocol (NNTP - Service. You can also restrict access on the basis of the client computer.
HOW TO: Configure TCP/IP Filtering in Windows 2000
Microsoft Knowledge Base Article: 309798 -
This step-by-step article describes how to configure TCP/IP Filtering on Microsoft Windows 2000-based computers. Windows 2000-based computers support several methods of controlling inbound access.
One of the most simple and most powerful methods of controlling
inbound access is by using the TCP/IP Filtering feature. TCP/IP
Filtering is available on all Windows 2000-based computers that
have the TCP/IP stack installed.
HOW TO: Configuring Your Windows 2000 Server-Based Computer for Daily Virus Checks
Microsoft Knowledge Base Article: 298034 - This article describes a step-by-step procedure that you can use to configure your Windows 2000 Server-based computer for daily virus
checks.
HOW TO: Define Security Templates in the Security Templates Snap-in
Microsoft Knowledge Base Article: 313434 - This step-by-step article describes how to define security templates in the Security Templates
snap-in.
HOW TO: Enable and Apply Windows Security Auditing
Microsoft Knowledge Base Article: 300549 - This step-by-step instruction guide describes how to enable and apply Windows security
auditing.
HOW TO: Enable Local Security Auditing in Windows 2000
Microsoft Knowledge Base Article: 248260 - This article describes how to enable local security auditing in Windows 2000. Administrators of local computers can use this method to set up local auditing of security access rights on individual Windows 2000-based
computers.
HOW TO: Enforce a Remote Access Security Policy
Microsoft Knowledge Base Article: 313082 - This step-by-step article describes how to enforce a remote access security policy in a Windows 2000-based Native-mode
domain.
How to Gain System Access to a Windows 2000-Based Computer
Microsoft Knowledge Base Article: 238846 - You may need to run commands in the context of the local System account for recovery or other administrative purposes.
HOW TO: Harden the TCP/IP Stack in Windows 2000 Against Denial of Service Attacks
Microsoft Knowledge Base Article: 315669 - Denial of service attacks are network attacks that are aimed at making a computer or a particular service on a computer unavailable to network users.
Denial of service attacks can be difficult to defend against. To
help prevent denial of service attacks, you can use one or both
of the following methods
How to: Install a Smart Card Reader
in Windows 2000
Microsoft Knowledge Base Article: 313557 - This article
describes how to install a smart card reader
HOW TO: Prevent the Last Logged-On User Name from Being Displayed
Microsoft Knowledge Base Article 310125 - This article describes
how to prevent the last logged-on user name from being
displayed. After you use this method, a user must type a user
name and password to log on to a Windows 2000-based computer.
HOW TO: Prevent Users from Scheduling Tasks
Microsoft Knowledge Base Article Q310208 - The Windows 2000 Task Scheduler enables you to configure Windows to automatically open a document, start a program, or run a script at a preconfigured time. This functionality is convenient for administrators, who can force these tasks to
occur at specified times on users' computers. The Task Scheduler
starts by default when you start Windows 2000 and runs in the
background.
In a high-security environment, Task Scheduler can pose a
security threat. Users can create new tasks or delete those that
are set to run by the administrator. If you are an
administrator, you can control this behavior to provide greater
security and ensure that only the tasks that you configure run
at the proper time. This article describes how you can prevent
users from scheduling tasks.
How to Prevent Windows 2000 Upgrade from Modifying Custom
Security
Microsoft Knowledge Base Article: 260242 - The Windows 2000 upgrade process applies Windows 2000 default security settings to registry keys and file system objects. This process overwrites any custom permissions that you previously defined. If the Windows 2000 default security settings.
How to Protect Windows NT Desktops in Public Areas
Microsoft Knowledge Base Article: 143164 - In certain environments it is necessary to prevent workstation users from harming the system. For example, you may want to limit the number of applications a user can
use.
HOW TO: Restrict Users from Gaining Access to a Domain Controller by Using Telnet
Microsoft Knowledge Base Article: 292536
- This article explains how to restrict users from gaining access to a Windows 2000-based domain controller when they use the Telnet
service.
HOW TO: Secure Communication Between a Client and Server with Terminal Services
Microsoft Knowledge Base Article: 306561 - This step-by-step article describes how to secure communications between a client computer and a server by using Windows 2000 Terminal
Services.
HOW TO: Secure Windows in a Non-Domain Environment
Microsoft Knowledge Base Article: 269799 - You can use a Windows-based computer in a non-domain environment to use local group policies to secure the workstation. This implementation is not designed to secure a Windows-based computer for individual users who log on to the
computer.
How
to Troubleshoot SNMP Security Issues
Microsoft Knowledge Base Article: 200885 - If Simple Network Management Protocol (SNMP) is not responding and you have implemented SNMP security, you can use the steps in this article to help you troubleshoot the issue.
HOW TO: Use the Secedit.sdb Database to Perform a Security Analysis in Windows 2000
Microsoft Knowledge Base Article: 318711 - This step-by-step article describes how to use the Secedit.sdb database to analyze your security settings. This analysis can identify security holes that may exist in your current configuration, and can also identify changes that will take
place if you use a security template to configure your computer.
HOW TO: Use Simple Procedures to Prevent Unauthorized Users from Accessing Your Computer in Windows 2000
Microsoft Knowledge Base Article: 300957 - This step-by-step article describes how to prevent unauthorized users from accessing either a stand-alone computer, a network computer, or a remote computer.
Each of these types of computers has different security
requirements and the topic of security is complex. This article
describes some simple procedures to secure your computer. For
another user to access your computer, they must either be
assigned to an administrative group or they must have the
appropriate security rights and permissions
Increasing Security on Windows 2000 VPN Server
Microsoft Knowledge Base Article: 255784 - A Windows 2000 virtual private network (VPN) server that is configured by using the Routing and Remote Access Services (RRAS) Setup Wizard is installed with a default set of Input and Output filters. These filters support Point-to-Point
Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), and IP Security
Protocol (IPSec) connectivity. The filters are generic and can be modified to
tighten security on a VPN server. This article describes modifications that you
can make to these filters to increase security. All filter configurations
mentioned in this article should be tested prior to being deployed in a
production environment
MS Security Configuration Tool Set
This paper describes the Microsoft© Security Configuration Tool Set, a set of Microsoft Management Console (MMC) snap-ins designed to reduce costs associated with security configuration and analysis of Windows NT? and Windows? 2000?based operating system networks. The Security
Configuration Tool Set allows you to configure security for a Windows NT or Windows 2000©based system, and then perform periodic analysis of the system to ensure that the configuration remains intact or to make necessary changes over time. It is also integrated with Windows
Administration Change and Configuration Management to automatically configure policy on a large number of systems in the enterprise.
Protection of the Administrator Account in the Offline SAM
Microsoft Knowledge Base Article: 223301 - This article discusses the security of the offline Security Accounts Manager (SAM) and the accounts in it.
Protect
Administrator Privileges
Gaining administrator access is the
ultimate coup for a system intruder, so protecting
administrative privileges needs to be high on your security
priorities list. Administrator Account Vulnerabilities I
discussed NT's administrator vulnerabilities in detail in
"NT's Top Security Problems," October 1998. Many
systems administrators further disguise the Administrator
account by creating a decoy Administrator account. Source: Windows
2000 Magazine (Feb 2000)
Protecting
Windows RPC Traffic
In security circles, Remote Procedure Calls (RPCs)
are bad news. According to a study by Cisco,
"The most vulnerable Internet service, ranked
by the percentage of times that the service was
visible and found to have a security problem"
is RPC, with 93.4 percent of the systems exposing
RPC reporting security problems. This article
discusses some of the perceptions and the realities
of RPC vulnerabilities on the Windows platform, and
the use of Microsoft's ISA server to address some
of these issues.
Source: Microsoft.com
SANS Network Security Roadmap
Hacker-proofing, advance planning before they hit you - A Computer Security Roadmap
Written for UNIX Admins, but plenty of useful information for everyone.
Securing NT Server
The Chicago branch of Network Computing's labs has long been known for its harsh criticism of Microsoft Corp. when it comes to Windows NT security. However, even though lacing into NT is one of our favorite pastimes, securing it is far less humorous. With NT's massive array of
services and subsystems, it's difficult--at best--to identify all the problems, much less protect against them. Source: Network Computing (April 2000)
Securing Network Resources

Chapter 9 of MCSE Training Kit © Microsoft Windows 2000 Active Directory Services, reprinted with permission from Microsoft Press. This chapter introduces you to Microsoft Windows 2000 file system (NTFS) folder and file permissions. You will learn how to assign NTFS folder
and file permissions to user accounts and groups, and how moving or copying files and folders affects NTFS file and folder permissions. You will also learn how to troubleshoot common resource access problems. Source: Microsoft TechNet CD Online (June 22, 2000)
Securing Windows 2000 Network Resources
Administration of a Microsoft Windows 2000 operating system-based network is a important task that has become much simpler. The administration tools and the directory service infrastructure (for user accounts and authentication) provide and control access to network and application
resources. This guide focuses on setting up user accounts and using groups to control access to resources such as file share, printers and Web servers. Source: Microsoft.com (March 7, 2000)
Securing Windows NT Server
Security requires more than just firewalls and proxy servers. Your operating systems must be bulletproof as well. Here's how to secure your Windows NT systems. Source: Network Magazine (Feb 1999)
Securing a Windows NT 4.0 installation.
Microsoft Whitepaper downloadable in Word document format.
Securing
your notebook computer with Windows 2000
Companies that spend many hours and dollars on network security
often don't give a second thought to securing the computers that
users carry out of the office each day. This article explains
why they--and you--should be taking the necessary steps to
secure laptops as well as PCs and servers. Source: EarthWeb.
Security Considerations When Implementing Clustered File Shares
Microsoft Knowledge Base Article: 254219 - This article describes how to administer file share security in Windows 2000 clustering, and to a limited extent Windows NT 4.0 Enterprise Server.
Standard Security Practices for Windows NT
Microsoft Knowledge Base Article: 166992 - Any security breach that requires access to administrative privileges needs to be dealt with using the appropriate security policy. This applies to all commercial operating systems, including Windows NT and UNIX.
Using
IPSec to Lock Down a Server
The Windows 2000 IPSec policy engine provides a very effective means to secure a
network interface. If you have a server that isn't protected by
a firewall or router with good access control lists, the
procedure described here is a must for ensuring that the server
remains secure. And even if one or more layers of defense
protect your server, this procedure adds an effective additional
layer©increasing your network's "defense in depth."
Source: Microsoft.com
Windows 2000 Certificate Services
Microsoft Windows 2000 Certificate Services offers customers an integrated public key infrastructure
(PKI) that enables the secure exchange of information across the Internet, extranets, and intranets. Certificate Services verifies and authenticates the validity of each party
involved in an electronic transaction and lets domain users log on to a domain using the additional security provided by smart cards. This paper introduces Windows 2000 Certificate Services and describes PKI deployment in a Windows 2000 network. Source: Microsoft.com (March
22, 2000)
Windows 2000 Security in an E-Commerce Environment
This white paper discusses security in a Microsoft© Windows? 2000 e-commerce Windows Distributed
internet Applications Architecture (DNA) environment, focusing on the middle tier. First it looks at the differences in security architecture between Microsoft Windows NT© and Windows
2000. Then it discusses Windows 2000 security enhancements such as the Kerberos protocol,
Snego, delegation, and cloaking. Finally, it will cover the security enhancements included in COM+, such as role-based security and security contexts. To get
the most from this paper, you should have some experience working with Windows NT security. Additionally, you should have at least minimal experience with Windows 2000 COM+ application development. After reading this paper, you will be able to use these security enhancements to
provide a greater level of security in your own applications. Source: Microsoft.com (Aug 2000)
Windows
2000 Server Security Migration Path

Sample chapter from Tom and Deb Shinder's "Configuring
Windows 2000 Server Security" by Syngress. The chapter
provides an overview of Windows 2000 security, as well as
examining its problems and limitations. It also provides
considerations for migrating to Windows 2000 and discusses
network security plans.
Working
With Windows 2000 Security Templates
An excellent 2 part primer on configuring security templates
in Windows 2000. Source: BrienPosey.com
Please
report broken links
|