Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[ISN] Windows 2000 security draft released
From: InfoSec News (isnc4i.org)
Date: Thu Jan 31 2002 - 04:20:18 CST
[The NIST Windows 2K Professional security guide is at:
http://csrc.nist.gov/itsec/guidance_W2Kpro.html - WK]
By Diane Frank
Jan. 30, 2002
The National Institute of Standards and Technology's security center
on Jan. 28 released its draft guide for system administrators to
secure Microsoft Corp.'s Windows 2000 Professional and many of the
common applications that run on the operating system.
The NIST Computer Security Resource Center's package, "System
Administration Guidance for Windows 2000 Professional," is intended to
describe a recommended process for securing Windows 2000 systems and
It includes configuration guides, checklists and templates for
applications such as Web browsers, antivirus software and e-mail
The guidance is not intended to provide the final word on Windows
security for agency systems administrators, and the center makes it
very clear on its Web site and in the guide that agencies should not
implement any of the recommended settings without first testing them
within the agency's network.
"This document is only a guide containing recommended security
settings. It is not meant to replace well-structured policy or sound
judgment. Furthermore, this guide does not address site-specific
configuration issues. Care must be taken when implementing this guide
to address local operational and policy concerns," the security
center's site states.
The center developed the guidance in collaboration with the National
Security Agency, which has released several configuration guides for
commercial products, including Windows NT and 2000.
NIST serves as the primary technical security resources for civilian
agencies under the Computer Security Act of 1987.
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoattrition.org with 'unsubscribe isn' in the BODY
of the mail.