[prev in list] [next in list] [prev in thread] [next in thread]
List: focus-ms
Subject: RE: XP Hardening
From: "dave kleiman" <dave () davekleiman ! com>
Date: 2008-05-14 3:10:28
Message-ID: 014b01c8b570$bb1db4f0$31591ed0$ () com
[Download RAW message or body]
You could always try S-Lok, it locks down servers and XP specific to their
function. (e.g. and IIS server has different lockdown features than an
Exchange server)
http://www.s-doc.com/products/slok.asp
Flash presentation: http://www.s-doc.com/products/presentation_slok.asp
I know the developer fairly well.
Respectfully,
Dave Kleiman - http://www.davekleiman.com
4371 Northlake Blvd #314
Palm Beach Gardens, FL 33410
561.310.8801
-----Original Message-----
From: listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com] On Behalf Of Marc Handelman
Sent: Tuesday, May 13, 2008 18:37
To: focus-ms@securityfocus.com
Subject: Re: XP Hardening
We also utilize the DISA Gold Disk hereabouts...
and of course, we all concur with the previous writers, Sgt. Morris
and
Paul.
While the DISA Gold Disk is indeed Outstanding and Extremely Useful
as a
Reference tool and Fully Functional in terms of it's ability to read
the
.infs to perform the 'lock-downs' it also Pays to Read the STIGs.
Automation is certainly what we strive for, however, without human
interaction on part of an Engineer, or an Examiner, what have you,
we become
too reliant on tools that may be compromised, themselves. Don't take
this as
a Luddite's view, just apply Common Sense to the effort, as noted by
the
previous writers.
---
Marc Handelman
> From: Morris Sgt Derek P <derek.p.morris@usmc.mil>
> Date: Tue, 13 May 2008 13:37:14 -0700
> To: <focus-ms@securityfocus.com>
> Subject: RE: XP Hardening
> Resent-From: <focus-ms-return-10064@securityfocus.com>
> Resent-Date: Tue, 13 May 2008 14:01:39 -0600 (MDT)
>
>
> I'll second the DISA Gold Disk option for hardening systems, but
like Paul
> said, check EVERY OPTION before you do it. I guarantee (from
personal
> experience) that it will break your system if you just do it to
the default
> level. It is however an outstanding tool.
>
> Sgt Morris
> USMC
> -----Original Message-----
> From: listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com] On
> Behalf Of techlists@comcast.net
> Sent: Tuesday, May 13, 2008 11:35
> To: focus-ms@securityfocus.com
> Subject: Re: XP Hardening
>
>
> -------------- Original message ----------------------
> From: maash.rajani@gmail.com
>> Can anyone direct me to some resources explaining hardening
procedures
>> for windows XP.
>
> The US Defense Department puts their hardening guide online. They
have an
> automated tool called the Gold Disk that can scan your system and
generate a
> report of vulnerabilities it finds. The Gold Disk can also apply
most of the
> settings automatically.
>
> A strong warning however - applying the Gold Disk settings
wholesale is
> guaranteed to cause you problems.
>
> It is far better to selectively choose the settings you want to
apply - you
> don't need to apply everything. On a default system, it'll find
over 100
> different settings that it recommends changing.
>
> Paul
>
> This is a download link for the latest Gold Disk ISO image -
>
> http://iase.disa.mil/stigs/SRR/gdv2_cd1_engine_03_25_2008.iso
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic