Hi everyone,

This URL doesnot provide details and indicates the page you requested cannot
be found.

Can anyone please help.

Best Regards

aruna
----- Original Message -----
From: "Jannie Hanekom" <j_hanekom (at) hotmail (dot) com [email concealed]>
To: <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Friday, December 12, 2003 11:58 PM
Subject: RE: Blessed Windows Security Templates

> Hi MG
>
> It's rather comprehensive, but in that type of setup you may want to have
a
> look at Microsoft's "System Architecture" set of documents at
>
http://www.microsoft.com/business/reducecosts/efficiency/consolidate/msa
.msp
> x. (This used to be called "Microsoft Internet Data Center".)
>
> This consists primarily of a set of documents, so it won't give you a
shiny
> GUI. However, with a bit of reading, anyone with a bit of sense can
> implement the suggestions.
>
> I've only used the v1.0 documents, so can't speak for v1.5 or v2.0
directly,
> but they were VERY comprehensive and battle-hardened and are separated
into
> design blueprints and "reference" implementations, allowing you to use
> elements from both as you see fit. (Most notably the security documents
> will probably be of use to you.)
>
> Something else which may be useful is that the reference architecture uses
> the Microsoft/HP/EMC/Cisco hardware set, which is what you seem to be
> running SAP on. (That seems to be one of the more popular platforms for
SAP
> on NT anyway.)
>
> The documents themselves are free, but Microsoft sells the automated tools
> they mention in the docs at a hefty price. However, you can get by just
> fine in most situations by performing some of the tasks manually or
building
> your own (basic) tools.
>
> Hope that helps.
>
> Jannie
>
> -----Original Message-----
> From: RUSecure [mailto:rusecure (at) earthlink (dot) net [email concealed]]
> Sent: 12 December 2003 02:07
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Blessed Windows Security Templates
>
>
> Hello all,
>
> I have a special request from a client.
>
> My client is looking for anyone who will help bless the use of ANY
security
> Template with use for Windows 2000 and a similar configuration as I will
> describe below. They would love to actually talk to someone as well if
> possible.
>
> I am on an SAP ITS Web front end engagement, so you can see why I am
> recommending they seriously harden their front-end and back-end Windows
> servers.
>
> So here is the configuration.
>
> Win2K SP4 running IIS 5.0.
> SAP ITS Wgate on the front end
> SAP Agate on the backend
>
> I have NOT hardened anything yet... And desperately want to using
something
> the client can repeatedly reproduce for use within their organization.
>
> I am recommending they use a Commercial tool, but that will take time, so
> MMC and templates for now.
>
> I am suggesting they use one of the Center for Internet Security Templates
> (CIS - www.cisecurity.org) which are the NIST and NSA templates for the
> Wgate servers in the DMZ Agate servers as well.
>
> I want them to have the ability of checking the systems using the CIS tool
> and have some level of hardening. I also suggest since they do not use
and
> security templates on standalone or through AD that they need to move to
> this direction for repeatability and basic security worthiness. They can
use
> MMC to manage and apply these templates and command line it for
reproduction
> and compliance.
>
> So has ANYONE used ANY template on a configuration similar to the one I
> listed ? It does NOT have to be SAP as any basic WEB front end using
> IISLockDown with a Static Web server and NOTHING else required except
> Insight Manager and SNMP and PcAnywhere.
>
> I recommended the following templates:
>
> Win2KSrvGold_r1.0.1.inf
>
> Or
>
> HISECWEB replacement Web_Secure.INF
>
> Or what comes with Win2K out of the box
>
> Hisecws.inf.
>
> Need I say the lack of use hardened servers is of great concern and they
> would desire to find someone that is actually using some "template.inf" to
> secure their environment.
>
> These servers are going on the Internet... !!!!!!!
>
> H E L P !
>
> Cheers,
>
> MG
>
>
> ------------------------------------------------------------------------
--
-
> ------------------------------------------------------------------------
--
-
>
>
> ------------------------------------------------------------------------
--
-
> ------------------------------------------------------------------------
--
-
>
>

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---

[ reply ]