Allaire released some good whitepapers regarding locking down NT server. They had a list of services not needed in a web server environment and a list of registry changes that could be made for increased security. Do these still apply to win2k? Are there any more similar resources.
FYI, I find this site great for SQL Server Security.http://www.sqlsecurity.com/. Check out the checklist Brook At 12:47 PM 20/09/02 -0500, you wrote: >1. Keep all your service packs patches up to date. > >2. Install and run IIS lockdown and URLScan (some make fun of this applet, >but ASAPI filtering DOES work!) > >3. Do away with easy passwords by running Microsoft's Security checker. > >4. Disable unneeded services. > >98% of the battle is fought here > >Then think about firewalls. > >================================ >This address is filtered through the open relay database at >http://www.ordb.org >and is virus scanned by ANTIVIR >http://www.dwhite.ws >mailto:[EMAIL PROTECTED] >================================ >----- Original Message ----- >From: "Adam Reynolds" <[EMAIL PROTECTED]> >To: "CF-Server" <[EMAIL PROTECTED]> >Sent: Friday, September 20, 2002 12:19 PM >Subject: OT: Good Security Practice Resources for Windows 2000( was RE: >Firewall Software) > > >| I'll shift the emphasis here then. >| >| I'm new to running a Win2000 server and currently very 'unhappy' with my >| knowledge. >| >| Anybody have any links to sites/articles that explain best practices, step >| by step? >| >| I'm living in dread (well not really) of the machine getting very quickly >| hacked. >| >| Adam >| >| > ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ To unsubscribe, send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
