Focus on Microsoft
RE: XP Hardening May 14 2008 03:10AM
dave kleiman (dave davekleiman com)
You could always try S-Lok, it locks down servers and XP specific to their
function (e.g. an IIS server has different lockdown features than an
Exchange server).

http://www.s-doc.com/products/slok.asp

Flash presentation: http://www.s-doc.com/products/presentation_slok.asp

I know the developer fairly well.

Respectfully,

Dave Kleiman - http://www.davekleiman.com
4371 Northlake Blvd #314
Palm Beach Gardens, FL 33410
561.310.8801

-----Original Message-----
From: listbounce (at) securityfocus (dot) com
[mailto:listbounce (at) securityfocus (dot) com] On Behalf Of Marc Handelman
Sent: Tuesday, May 13, 2008 18:37
To: focus-ms (at) securityfocus (dot) com
Subject: Re: XP Hardening

We also utilize the DISA Gold Disk hereabouts...
and of course, we all concur with the previous writers, Sgt. Morris and
Paul.

While the DISA Gold Disk is indeed Outstanding and Extremely Useful as a
Reference tool and Fully Functional in terms of its ability to read the
.infs to perform the 'lock-downs' it also Pays to Read the STIGs.

Automation is certainly what we strive for, however, without human
interaction on part of an Engineer, or an Examiner, what have you, we
become too reliant on tools that may be compromised, themselves. Don't
take this as a Luddite's view, just apply Common Sense to the effort, as
noted by the previous writers.
---
Marc Handelman


> From: Morris Sgt Derek P <derek.p.morris (at) usmc (dot) mil>
> Date: Tue, 13 May 2008 13:37:14 -0700
> To: <focus-ms (at) securityfocus (dot) com>
> Subject: RE: XP Hardening
> Resent-From: <focus-ms-return-10064 (at) securityfocus (dot) com>
> Resent-Date: Tue, 13 May 2008 14:01:39 -0600 (MDT)
>
>
> I'll second the DISA Gold Disk option for hardening systems, but like
> Paul said, check EVERY OPTION before you do it. I guarantee (from
> personal experience) that it will break your system if you just do it
> to the default level. It is however an outstanding tool.
>
> Sgt Morris
> USMC
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com
> [mailto:listbounce (at) securityfocus (dot) com] On
> Behalf Of techlists (at) comcast (dot) net
> Sent: Tuesday, May 13, 2008 11:35
> To: focus-ms (at) securityfocus (dot) com
> Subject: Re: XP Hardening
>
>
> -------------- Original message ----------------------
> From: maash.rajani (at) gmail (dot) com
>> Can anyone direct me to some resources explaining hardening
>> procedures for Windows XP.
>
> The US Defense Department puts their hardening guide online. They have
> an automated tool called the Gold Disk that can scan your system and
> generate a report of vulnerabilities it finds. The Gold Disk can also
> apply most of the settings automatically.
>
> A strong warning however - applying the Gold Disk settings wholesale is
> guaranteed to cause you problems.
>
> It is far better to selectively choose the settings you want to apply -
> you don't need to apply everything. On a default system, it'll find
> over 100 different settings that it recommends changing.
>
> Paul
>
> This is a download link for the latest Gold Disk ISO image -
>
> http://iase.disa.mil/stigs/SRR/gdv2_cd1_engine_03_25_2008.iso
