Isn't that some of the same advice that got people screwed up by 05-051?
NSA recommended ACL tightening on Windows 2000.
If you follow that guidance you now must ensure that you are your own
test network.
Syv Ritch wrote:
Derick Anderson wrote:
I also stick to Microsoft best practices when it comes to Microsoft
servers, it's just safer that way. I haven't yet implemented the Windows
2003 Security guide templates (for fear of breaking our production
environment) but I plan to do that after I've taken care of some other
more basic issues (domain split, network split, user lockdown, etc.).
Maybe you should reconsider. There is lot better than MS when it comes
to advising on security.
http://www.nsa.gov/snac/downloads_all.cfm
The NSA. They have both guides and templates. It actually works and is
far more secure than the MS advice.
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------
