IMO, it's just a matter of doing your homework, really. The bypass traverse issues were only due to the fact that certain admins didn't research it before implementing. The MS Security Templates are often much improved when adding bits and pieces of your own, (making your own ADM files or altering existing ones.) MS defaults don't hold a lot of water much of the time but are certainly good things to use if you're just learning active directory, etc.
If you want to make sure users are not using QoS, just disable it using group policy object> computer config>admin template>network>QoS packet.. -----Original Message----- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 28, 2005 4:16 PM To: Bill Busby Cc: [email protected] Subject: Re: Security templates and settings in Windows XP And I'd follow the MS security templates... which are tested with their patches. Remember the issues with 05-051 [bypass traverse] occurred because admins deviated from MS security guidance and didn't test. Bill Busby wrote: >In setting up Windows XP and securing XP, NIST and SANS recomend >disabling QOS from XP. I am trying to find a registry key that for QOS >so that this setting can be checked remotely. Does anyonw know of such >a key? > >This is one of the steps towards securing Windows XP. > >Thanks, > >William > > > > >__________________________________ >Yahoo! for Good - Make a difference this year. >http://brand.yahoo.com/cybergivingweek2005/ > >----------------------------------------------------------------------- >---- >----------------------------------------------------------------------- >---- > > > > -- Letting your vendors set your risk analysis these days? http://www.threatcode.com --------------------------------------------------------------------------- --------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
