From: Michael Foong Weng Kong \\HP-Malaysia, om1 (michael-wk_foong HP.COM)
Date: Sat Mar 31 2001 - 18:33:43 CST
Hi All,
This technical whitepaper is very useful to secure Win2K systems in most
environments. There is also a Tool that HP provides that would do this
automatically. It is called WebEnforcer. It is targeted for Web Servers/Web
Application Servers. However testing for internal Firewall - 1 - WebEnforcer
integration are underway and also other integration. I have got it to work
with the HP Bluestone Total-E-Server and with Broadvision 1-To-1 Enterprise
and Infoexchange but it has not been extensively tested. This tool as it is
targeted to the Web can secure IIS, Index Server, Scripting and Data
Access, NT lockdown.
It is a simple to use and user friendly tool to any administrator. Coupled
with this document, NT Administrators that do not know much about NT Security
can instantly secure it within 1 to 2 hours or less than a day depending on
how fluent you are in NT Administration and Security.
Although I admit it needs many enhancements, like installing into an existing
installation would require some application integration but as security is
the main concern for most new installation, this product works very very
well. New installations especially web servers can use this tool to lockdown
the NT Server and also schedule scanning based on the profile set on the
application. It can alert the administrator when something is out of sync
from the profile that you have set.
As Bruce Schneier has mentioned in his articles "The Cryptogram" - most
organizations lack monitoring that allows hackers to exploit the changes in
security profiles/patches/holes that occur every day. With a tool like
WebEnforcer - it monitors known exploits that have been discovered and
patched by Microsoft and partners.
The tool can be found at www.hp.com/go/security. To download the evaluation
copy go to this direct link -
Win2K -
https://software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/try.pl?productNumber=
T1184BA&date=
WiNT -
https://software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/try.pl?productNumber=
B9444BA&date=
I also want to apologise about posting something that is not BUG related but
I am first a Technical Guy if I was not working for HP I would be sending
the same information. So please don't think that I am selling a product
here. I find the tool very useful for NT Administrators. Being one myself
before, this tool has eased many of the Administrator's responsibilities
although I admit that it does not completely solve an administrator's
problem.
from Michael's desk...
----- Original Message -----
From: "Phil Cox" <Phil.Cox SYSTEMEXPERTS.COM>
To: <NTBUGTRAQ LISTSERV.NTBUGTRAQ.COM>
Sent: Saturday, March 31, 2001 7:27 AM
Subject: Hardening Windows 2000 document v1.0
> All,
>
> I have finally condensed chapter 21 of my book into a paper about hardening
> Win2K. I hope this proves helpful.
>
> There is a link to download the pdf on
> http://www.systemexperts.com/win2k.shtml
>
> It is different than Stephan Norberg's, in that it is not specific to a
> bastion host, but goes through the steps to harden a system to just about
> any level you want. Also since it is a more "general" document, I am sure
> that there will be many suggestions and disagreements. I will do my level
> best to make this a living document, and make regular version updates.
>
> Also, I have gotten a couple of Security Configuration Manager "inf" files,
> and as I get more (or make them) for specific host configurations, I will
> make a "zip" file of them. As with all things from the net, please do
> understand what you get. Take a look through the "inf" files before you use
> them, and always test them on a non-production system first.
>
> Phil
>