| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Windows 2000 and NT
|
|
Windows 2003
|
|
Windows XP
|
|
NTFS Security Considerations The New Technology File System was introduced with Windows NT to address security problem. With NTFS, files, directories and windows can each have their own security. This allows a great deal of flexibility in setting up a network. Microsoft recommends that all network shares be established using the NTFS file system. This paper has its origins in two events - a spate of papers that compare FAT and NTFS and a personal attempt to describe the security points of NTFS.
Mohammad Heidari,
06/21/2005
|
|
The Administrator Shortcut Guide to Active Directory Security Chapter 3 Before we dive into who will manage GPOs—we will tackle the details of controlling the management of GPOs in the next chapter—we must first establish a foundation of knowledge by exploring the basics of GPOs. One of the most important aspects of a GPO is its ability to control security for user and computer accounts in the domain. A GPO has almost 1000 policy settings. The security settings are spread throughout the structure of the GPO, so simply finding a specific GPO setting can be a daunting task. This chapter will lay out the structure of a GPO, indicating where the essential security policies reside, allowing you to efficiently find the settings that you need.
By Derek Melber, Dave Kearns, and Beth Sheresh, 04/14/2005
|
|
The Administrator Shortcut Guide to Active Directory Security Chapter 2 The security that you design for AD must be implemented properly to be effective. Failure to follow your design documents can leave AD vulnerable to attacks from both within and outside of the LAN. In addition, AD security is very difficult to audit and track if not set up properly. In some cases, it will be easier to start over rather than to attempt to secure the AD environment after it has been installed and configured with many objects, settings, and features.
By Derek Melber, Dave Kearns, and Beth Sheresh, 04/06/2005
|
|
FOCUS on Microsoft: Securing NT - Choosing Strong Passwords Discussions of password length may seem rather passe these days. Internal and external auditors have long suggested the use of lengthy passwords to help fortify the primary authentication mechanism in today's Operating System. Crypto details aside, it would make sense that longer may be better, and the auditors agreed. Their older recommendations of six character passwords have been updated to reflect new times - eight is now the standard recommendation. In some cases, you may hear cause for an even longer password, as long as users won't be tempted to write it down. Unfortunately, the 6/8+ recommendation was pushed forth prior to the rise in popularity of LanMan, OS/2 and Windows NT.
By Eric Schultze, 07/30/2004
|
|
DoD-Certified Trusted Systems And You - Part Two The Orange Book itself is not that useful for evaluating or assessing NT 4.0; the TCSEC guidance solely exists to give a broad overview of what an organization should examine when determining the security level compliance of a given system. The Orange Book is therefore necessarily vague, and the terms and conditions may or may not apply to NT 4.0. There are four general divisions of security criteria, A, B, C, and D, with A being the most rigorous standard. divisions B and C are further broken into classes C1, C2, B1, B2, and B3, and there is an unnamed category "beyond A1." It is readily apparent that C2 is a relatively low security criteria class.
By Ben Malisow, 07/30/2004
|
|
Forensic Log Parsing with Microsoft's LogParser Investigating a web-based intrusion can be a daunting task, especially when you have no information other than knowing it was web-based. It is easy to waste precious time digging through megabytes, perhaps even gigabytes, of log files trying to locate suspicious activity. Often this search turns up little useful evidence.
By Mark Burnett, 07/14/2004
|
|
FOCUS on Microsoft: Securing NT: HTR and RDS Attacks If you've installed Windows NT with IIS 4.0 on your home or corporate server and haven't taken the specific steps detailed below, be prepared to address your family and/or corporate shareholders and explain why your website has been "hacked".
By SecurityFocus, 07/14/2004
|
|
FOCUS on Microsoft: Patching Exchange Server Document describing patching of Exchange Server 2000 with some neccessary hotfixes. The article was written 2001, so precaution should be taken to patch system up to current day levels.
By Security Focus, 07/14/2004
|
|
Securing Exchange 2000, Part Two This is the second installment in the two-part series on securing Exchange 2000. The first article offered a brief overview of implementing Exchange 2000, along with some exploits that systems administrators need to be aware of. This installment will focus on secure configuration and administration of Exchange 2000, including locking down Exchange, and an analysis of some publicized vulnerabilities.
By Chris Weber, 07/14/2004
|
|
Securing Exchange 2000, Part One This article is the first of a two-part series that will to provide a technical look at some of the fundamental requirements for securing Microsoft Exchange Server 2000 and Outlook Web Access (OWA) running in a Windows 2000 Active Directory environment. I will start by looking at some exploits for Exchange server to give readers an idea of areas that need protection. Then I’ll get right into the Exchange application and discuss some of its inherent security features, as well as some secure network designs for Exchange/OWA deployments.
By Chris Weber, 07/14/2004
|
|
Page: 1 23 |
