Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
This paper addresses: mitigating some risks by initially deploying a secure base configuration; newly discovered vulnerabilities; getting security updates; testing security updates in a non-production environment; scanning production systems for patch installation status; deploying security updates and management policy.
This paper will provide the reader with a high-level understanding of Group Policy, discuss some issues to consider when implementing Group Policy, and describe how strong password controls and secure account policies, as documented in the SANS Windows NT Security Step by Step, can be implemented in Windows 2000.
This document will explain how to manage hotfixes on a Windows 2000 server running IIS 5 on the Internet. There will be five sections to this document: Importance, Assumptions, Hotfix practices, Tools, Installing Hotfixes, and Resources.
This paper will describe the location and use of the tools that are built into Windows 2000 operating system. With these tools, the administrators have a greater degree of control and can provide a secure internet- aware enterprise without purchasing third party tools.
This document attempts to touch on a few of standards that can assist in ensuring that Availability, Integrity, Access control, Confidentiality, and Compliance (Auditability) objectives are met when using a Windows 2000 operating system.
This paper looks at simplifying the management of security for Windows 2000 by discussing role-based administration in Windows 2000 and a product that provides role-based administration capabilities for Windows 2000.
By: Chuck "Spence" Fasching (posted on October 31, 2003)
This paper discusses using Microsoft's Encrypted File System to mitigate the risk associated with mobile and network computing. Specifically, it addresses file system security in relation to encryption and EFS and discusses many of the best practices, as recommended by Microsoft and other sources
The author presents a detailed examination of the top five Windows IIS threats (2001): Remote Command Execution Via Internet Printing Service, Microsoft IIS CGI Filename Decode Error Vulnerability, Remote command execution via Buffer Overflow in Indexing Service, Unauthorised SMTP relaying, Buffer Overflow in FrontPage server extension.
This paper describes how, when DNS is fully integrated into Active Directory, you can then utilize three important security benefits in a Windows2000 network: Secure dynamic updates, Secure zone transfers, and Access Control Lists for zones and resource records.
This paper presented a procedure for establishing a test environment in which to prove ISA firewall rules. For a minimal investment, a student/professional can develop policies in vitro before deploying to the production environment. The sample rules are not presented as exhaustive.
This paper is a how-to guide for defending against a exploit and vulnerability based on an environment in which a Windows 2000 domain running in native mode. The vulnerability is weak passwords and its exploiter is none other than L0phtcrack v3 by @Stake.
This practical is a "how to" document that provides a brief overview of Intrusion Detection Systems (IDS), explains design considerations, and describes installation steps for the Windows 2000 Host Based Intrusion Detection System.
The purpose of this document is to shed some light on how to make it harder for an intruder to compromise the system. We'll be going through securing a Windows 2000 server running IIS 5.0 and some of the tools that we can use to scan system(s) before putting it into production.
This paper will provide an administrative person with the steps and wherewithal to survey their resources, research processes and procedures mainly from the Internet, and acquire the necessary hardware and software to fully configure a dual-boot laptop for use with the Windows 2000 and the Linux operating systems.
The purpose of this paper is to show how security administration can benefit by the use of six utilities for remote scanning for Microsoft hot fixes and service packs on multiple Windows systems (NT, 2000, XP, IIS 4 and 5, SQL Server 7.0 and 2000, Exchange 5.5 and 2000, Windows Terminal Server, and Windows XP Home Edition).
This paper attempts to give an overview of the security guides, tools and templates available from Microsoft, and to describe the basic steps involved in applying the tools and templates. The commonalities and differences between the security templates available are highlighted, and how several of these tools and templates can be used together to benefit from the settings made by each one is described.
This case study demonstrates the security practices and procedures followed as well as resources used to install Windows 2000 Terminal Server (Application Mode) and corresponding thin clients in a mostly unrestricted university environment.