http://www.itpapers.com/cgi/SubcatIT.pl?scid=277
http://secinf.net/info/unix/lance/nt.html
http://secinf.net/iwine.html
http://www.8wire.com/articles/?AID=2100
http://www.neohapsis.com/neolabs/Tech_Docs/wins.htm (outdated, but still
somewhat useful, since, in most enterprises with mixed NT and W2K (as well
as 95 and 98 desktops) WINS is the rule and AD the exception...ironically,
MS says that only by disabling file sharing do you get as tight a security
model as the BSDs and some Linux distros give you...so the disabling of one
of their selling points is necessary to keep you and your job safe)
and, of course the excellent neohapsis archives pages at:
http://archives.neohapsis.com/
Packet Storm Windows Forum:
http://209.100.212.5/cgi-bin/cbmc/forums.cgi?grabtopic=Submit&datopic=Window
s&uname=anonymous&authkey=anonymous
once you've done your job, some tools to test it:
http://packetstormsecurity.org/Win2k/
Hope it helped. My condolences. Get ready to be underpaid for more work and
less reward.
Michael J. Cannon
Ubiquicomm
mailto:[EMAIL PROTECTED]
----- Original Message -----
From: "Nigel" <[EMAIL PROTECTED]>
To: "Alex Pufhal" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, September 18, 2001 7:36 PM
Subject: Re: Windows 2000 Questions
> One potential site that might help you is:
>
> http://nsa2.www.conxion.com/win2k/index.html
>
> Navigate to the Windows 2000 download section (pass the agreement page)
and
> there's some security templates and PDF files. Not bad at all.
>
> Also, a couple of books that might help you, although I'm sure other
people
> will have some better suggestions:
>
> Securing Windows NT/2000 Servers - O'Reilly
> Windows NT/2000 Network Security - Macmillan Technical Publishing
>
> Good luck with your job.
>
> Nigel Hedges
>
>
>
> ----- Original Message -----
> From: "Alex Pufhal" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, September 18, 2001 7:56 AM
> Subject: Windows 2000 Questions
>
>
> > Hello,
> >
> > I have a couple of questions that I hope are
> > appropriate for this forum.
> >
> > My background is in Linux/FreeBSD security and I have
> > NT administration experience but on built servers.
> >
> > I have a job offer on the table but, unfortunately,
> > it's on a Windows 2000 Server based network. It's a
> > small 10-node network. They were peer-to-peer but have
> > now gone client/server.
> >
> > It would be my task to build the server and obviously
> > secure it. Can someone point me at a HOWTO or websites
> > which detail everything that needs to be secured and
> > how to do so?
> >
> > It looks like I have a shot at this position but I
> > really need to know the security risks I'm facing
> > before I accept it.
> >
> > I would appreciate any direction to be pointed in.
> > Fortunately, I can throw a Linux box in but, not as
> > the main server.
> >
> > Alex
> >
> > __________________________________________________
> > Terrorist Attacks on U.S. - How can you help?
> > Donate cash, emergency relief information
> > http://dailynews.yahoo.com/fc/US/Emergency_Information/
>
