Securing the Symantec LiveUpdate Administrative Utility on Windows 2000

This paper describes in detail the steps required to implement and harden a Symantec LiveUpdate server on a Microsoft Windows 2000 platform. Such a server can greatly reduce the bandwidth required by Norton Antivirus client machines across a campus or enterprise network. It can also prevent denial of service attacks against Norton Antivirus client machines and control the rollout of virus updates. Like any server connected to the Internet, it should be hardened (turned into a bastion host) in order to prevent malicious outsiders from accessing and exploiting it. In addition to being a cookbook to build a LiveUpdate FTP server, this paper describes methods and concepts that can be used to secure any vendor application on the Windows 2000 platform. Furthermore, the methods described herein are all native to Windows 2000 (N.B. auditing tools excepted). Thus insuring that these methods can be used consistently in large environments at no additional costs.