Very well put, Mike. I think that when people haven't looked at the guides, they may not realize that the bulk of what is in them is informative rathter than a simple "do this...do that" set of instructions. I personally believe that anybody who is touching Win2K3, claims interest in security, yet hasn't read the Microsoft Security Guidance documents should spend a few days with those guides before making any proclamations. One can't speak to that which one does not yet know. :-)
Laura > -----Original Message----- > From: Mike Dieroff [mailto:[EMAIL PROTECTED] > Sent: Friday, November 11, 2005 2:33 PM > To: [EMAIL PROTECTED] > Cc: [email protected]; [EMAIL PROTECTED]; 'Derick Anderson' > Subject: Re: What server hardening are you doing these days? > > As a man of few words Laura, I have to say touche!!! > > Server hardening - what a concept when each and every server > has and depicts different needs. Nothing can compensate for a > solid understanding in infrastructure and application > Security needs of a network. > > Correct me if I am not wrong, but many of the guides > facilitate an understanding. Then it's all up to the imagination!!! > > Mike > > ----- Original Message ----- > From: "Laura A. Robinson" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; "'Derick Anderson'" <[EMAIL PROTECTED]> > Cc: <[email protected]> > Sent: Friday, November 11, 2005 2:26 AM > Subject: RE: What server hardening are you doing these days? > > > > Okay, now I'm just chuckling. Have you actually downloaded > these guides? > > The > > Win2K3 NSA OS security guide IS the Microsoft guide. One > and the same. > > Copyrights intact. S A M E G U I D E. > > > > Again, the NSA puts the MICROSOFT Win2K3 security guide on > the NSA site > > because it is solid, tested, and very, very well-done. > > > > Laura > > > >> -----Original Message----- > >> From: Syv Ritch [mailto:[EMAIL PROTECTED] > >> Sent: Thursday, November 10, 2005 6:34 PM > >> To: Derick Anderson > >> Cc: [email protected] > >> Subject: Re: What server hardening are you doing these days? > >> > >> Derick Anderson wrote: > >> > >> > I also stick to Microsoft best practices when it comes > to Microsoft > >> > servers, it's just safer that way. I haven't yet implemented the > >> > Windows > >> > 2003 Security guide templates (for fear of breaking our > production > >> > environment) but I plan to do that after I've taken care of > >> some other > >> > more basic issues (domain split, network split, user > >> lockdown, etc.). > >> > > >> > >> Maybe you should reconsider. There is lot better than MS when > >> it comes to advising on security. > >> > >> http://www.nsa.gov/snac/downloads_all.cfm > >> > >> The NSA. They have both guides and templates. It actually > >> works and is far more secure than the MS advice. > >> > >> -- > >> Thanks > >> http://www.911networks.com > >> When the network has to work Cisco/Microsoft > >> > >> -------------------------------------------------------------- > >> ------------- > >> -------------------------------------------------------------- > >> ------------- > >> > > > > > > > -------------------------------------------------------------- > ------------- > > > -------------------------------------------------------------- > ------------- > > > > > --------------------------------------------------------------------------- ---------------------------------------------------------------------------
