Well, Windows is no more vulnerable than your average UNIX system is out of the box. This is especially true if you use a mass-market Linux distribution like Red Hat. You should just apply all of the patches available from Microsoft for whatever services you are running (you didn't mention which ones), and sign up for the Microsoft bulletins. In addition, Microsoft has some very good information about securing your machines under microsoft.com/security or something similar.
I've also heard good things about the Win2k security documents released by the NSA. You may want to find and read those. Regards, Dustin > -----Original Message----- > From: Michael Bartosh [mailto:[EMAIL PROTECTED]] > Sent: Sunday, October 21, 2001 2:37 AM > To: [EMAIL PROTECTED] > Subject: W2K where to start?? > > > Hi- > > I'm a unix / Mac guy. I agreed to set up a test installation of W2K > Advanced Server because the M$ rep has always been nice. It's going > to be in a DMZ so I'm not as scared as I would be, but my impression > is that windows in general is full of holes out of box (at least from > the number of command.exe's in my apache logs it would SEEM so), and > I don't know where to start when it comes to windows security- > > Where is a site I can go to that lists all the updates / patches I > need to get started. Any general advice? > > -mab > > -- >
