Respectfully, if one could achieve a secure, protected environment using Windows 9x and NT 4 servers there wouldn't be any reason to upgrade. But of course, lacking the solution you seek, MS customers have been forced to upgrade to achieve these goals. On a positive note however, Novell 4.11 is a proven file server - secure and stable. Apply login and group policies with ZenWorks, if you already have the licensing.
Hacking Exposed is a good read. I think that you'll find that Windows 9x is impossible to secure. If you acknowledge that a Windows 9x environment is insecure and fragile, you can prepare accordingly. Use disk imaging software to copy PC hard drives for each platform. Train users to store files on the Novell server. Re-image PC hard drives to the default image at your convenience. I've even heard of universities that would re-image their lab PC's every night. Password protect the BIOS and disable all removeable media, if possible. Security Policy: Strong legal language to protect against malicious employees. Training to protect against human engineering. Install the best anti-virus technology you can budget. Physically secure the servers. Firewall the Internet. If you don't set your expectations too high you can draft a reasonable security policy (with emphasis on policy rather than technology or methods.) Good luck. Bill Sawyer wrote: >I work for a fairly large business here at home, and I've been asked to >draft a proposal for new security policies at work. Due >(unsurprisingly) to the budget constraints of our corporate structure, >we operate in a very, well...obsolete environment. The network is >built around a Novell 4.11 server, has two NT servers running (one with >ADP for payroll, the other with MS SQL 7, neither configured in any >type of domain structure), and mostly Windows 95a clients, though we do >have a number of Windows 98SE and Windows 2000 machines. > >What I need to do is basically threefold: >(1) Design a way to manage interoperability at the login level (ie, >login scripts and group policies) >(2) Manage system policies to prevent users from destroying their >systems >(3) Use available and/or freely available tools. > >Though I'm doing my own research, I wanted to toss this one out to all >of you for ideas. And yes, before you guys ask, the suggestions >"update everything to 2000", or, more optimally "ditch MS and switch to >Linux or Unix" have been shot down. > >I know somebody did a Capstone this past semester on securing Windows >95, and I regretted even at the time not being able to attend. If the >presenter or someone else could provide me with any sort of handouts or >slideshows from the presentation, that would certainly make my job >easier. Any other insight or assistance is welcome. > >Thanks in advance, >Bill > >----------------------------------------------------------------- >To get off this list, send email to [EMAIL PROTECTED] >with Subject: unsubscribe >----------------------------------------------------------------- > > ----------------------------------------------------------------- To get off this list, send email to [EMAIL PROTECTED] with Subject: unsubscribe -----------------------------------------------------------------
