> Start at the vendor's site http://www.microsoft.com/security.
just remember where the info is coming from. MS is not open about security issues. > >I'm a unix / Mac guy. I agreed to set up a test installation of W2K > >Advanced Server because the M$ rep has always been nice. I would advise reconsidering this. You should have a specific reason for testing this product, not just to be nice. Most salespeople (or ex) will recognize this tactic as the 'puppy dog' close. The idea being you take the puppy home and you won't bring it back. I will say that this is a good way to learn about MS and be able to say why you want MAC, or *nix instead of MS when the time comes to justify your choices. > > It's going > >to be in a DMZ so I'm not as scared as I would be, but my impression > >is that windows in general is full of holes out of box (at least from so are *nix systems. This is the usual anti-MS propaganda. You will here the same about *nix from MS people. *nix has the advantage of having been beat up first. Remember Robert Morris? > >the number of command.exe's in my apache logs it would SEEM so), and much like the number of <insert favorite *nix attack here> that I see on my IIS logs. > >I don't know where to start when it comes to windows security- then you are definitely in a hole. Just as you could not secure a *nix box your first try, you won't be able to do so with Win2K on your first try. I would see if you can find a Win2K experienced person to set this up. Usual bribes apply here. > > > >Where is a site I can go to that lists all the updates / patches I > >need to get started. Any general advice? As stated before, start at MS, but you will need outside assistance. "Hacking Win2K.." pub'd by Syngress is a pretty good intro. They also have a book on the wizards in Win2k which is helpful. Most important thing to remember is that MS has made Windows very easy to program, and admin. Many of the things that you would 'see' or have to pay attention to with *nix are hidden in Windows. They are there, just well hidden. Even more so than the MAC.
