Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Mailing Lists -> Oracle-L -> fwd: _Hardening Windows 2000_ - free .pdf chapter 21

fwd: _Hardening Windows 2000_ - free .pdf chapter 21

From: Eric D. Pierce <>
Date: Wed, 08 Aug 2001 13:13:12 -0700
Message-ID: <>


follow up to C*o*d*e* R*e*d, etc. - - -


   Hardening Windows 2000


   Determining what steps need to be taken to secure a    system is one of the most frustrating things that    system administrators have to do. This white paper    provides a method for getting a Win2K server to a    "secure" baseline. From this baseline you can work    forward to install additional services. The focus of this    white paper is on the Win2K server, but much of the    information is applicable to Win2K Professional as well.

   This paper is excerpted and modified from Chapter 21    of the Windows 2000 Security Handbook    (ISBN: 0-07-212433-4, copyright Osborne/McGraw-Hill)    authored by Phil Cox and Tom Sheldon

   I hope this proves helpful,


   This following files are currently available:

   HardenW2K12.pdf: Hardening Windows 2000 version 1.2


   home_Low.ipsec: IPSec filters to block inbound    connections to NetBIOS/SMB ports (ews)


   home_User.inf: IPSec filters to set Local Security    Policy for a home user configuration (ews)


   secureWebServer.ipsec: IPSec filters to only allow    inbound http by default. Additional filters defined for    https, smtp, NetBIOS, ICMP (ews)


   Web_Secure.inf: IPSec filters to set Local Security    Policy for a web server configuration. Note that this    Web Server template was partially created on a    Windows 2000 Professional System, so Power Users    (or related SID) may be present in rulesets, instead of    Server Operators. (ews)

[] Zip file of the directory contents


   Note on Windows 2000 Templates and IPSec    filters Descriptions:
   Please test all templates on non-production servers. I    haven't had time to fully test all file and registry    changes on production systems. please send    comments and feedback to Eric Schultze or Phil Cox

   SystemExperts Corporation
   Boston | New York | Washington | San Francisco | Los Angeles | Sacramento | Tampa    Call 1-888-749-9800     ęCopyright SystemExpertsTMCorporation, 1995 - 2001. All rights reserved.    All trademarks used herein are the property of their respective owners.


Please see the official ORACLE-L FAQ:
Author: Eric D. Pierce

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
To REMOVE yourself from this mailing list, send an E-Mail message
to: (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Wed Aug 08 2001 - 15:13:12 CDT

Original text of this message