All,

- Next version (1.1) is out...
        * corrections on some registry keys
        * Corrected Native-Mode Mixed-Mode description
        * Added a paragraph on default file system permissions for C:\
        * More binaries to protect
- Added some configuration and IPSec filtering templates from Eric Schultze

The link at http://www.systemexperts.com/win2k.shtml will take you to a
directory where I have split out the files. I thought this might be easier
so people could get specific configuration files instead of ones they did
not want.

Here is the README1ST.txt file:

This directory contains the following files:
=============================================

- HardenW2K11.pdf: Hardening Windows 2000 version 1.1

- home_Low.ipsec: Blocks inbound connections to NetBIOS / SMB ports (ews)

- home_User.inf: Sets Local Security Policy for a home user configuration
(ews)

- secureWebServer.ipsec: Only allows inbound http by default. Additional
filters
defined for https, smtp, NetBIOS, ICMP (ews)

- Web_Secure.inf: Sets Local Security Policy for a web server
configuration. Note
that this Web Server template was partially created on a Windows 2000
Professional
System, so Power Users (or related SID) may be present in rulesets, instead
of
Server Operators. (ews)

- hardenWin2K.zip: Zip file of the directory contents

Windows 2000 Templates and IPSec filters Descriptions
=====================================================
Please test all templates on non-production servers. I haven't had time to
fully
test all file and registry changes on production systems. please send
comments and
feedback to Eric Schultze (ewstellurian.net) or Phil Cox
(Phil.CoxSystemExperts.com)

Phil

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]