Vanstechelman.eu
   

Free Microsoft technical references

On this page you can find some links to free online security books for different Windows products from Microsoft.

  • Windows XP Security Guide
    The guide provides specific recommendations about how to harden computers that run Windows XP with SP2 in three distinct environments:
    • Enterprise Client (EC). Client computers in this environment are located in an Active Directory directory service domain and only need to communicate with systems that run Windows 2000 or later versions of the Windows operating system.
    • Stand-Alone (SA). Client computers in this environment are not members of an Active Directory domain and may need to communicate with systems that run Windows NT 4.0.
    • Specialized Security Limited Functionality (SSLF). Concern for security in this environment is so great that a significant loss of functionality and manageability is acceptable. For example, military and intelligence agency computers operate in this type of environment.
  • Windows Server 2003 Security Guide
    The updated Windows Server 2003 Security Guide provides specific recommendations about how to harden computers that run Microsoft Windows Server 2003 with Service Pack 1 (SP1) in three distinct enterprise environments: one in which older operating systems such as Windows NT 4.0 and Windows 98 must be supported, one in which Windows 2000 is the earliest version of the Windows operating system in use, and one in which concern about security is so great that significant loss of client functionality and manageability is considered an acceptable tradeoff to achieve maximum security. These three environments are respectively referred to as the Legacy Client (LC), Enterprise Client (EC), and Specialized Security Limited Functionality (SSLF) environments throughout this guide.
  • Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP
    The Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Microsoft Windows operating systems. This guide is a companion to two other Microsoft publications: The Windows Server 2003 Security Guide, which is available at http://go.microsoft.com/fwlink/?LinkId=14845, and the Windows XP Security Guide, which is available at http://go.microsoft.com/fwlink/?LinkId=14839. Many of the countermeasures that are described in this guide are not intended for specific computer roles in the companion guides, or in some cases for any roles at all.
  • Managing Internet Explorer Enhanced Security Configuration
    The Microsoft® Windows Server 2003 Internet Explorer Enhanced Security Configuration component (also known as Microsoft Internet Explorer hardening) reduces a server’s vulnerability to attacks from Web content by applying more restrictive Internet Explorer security settings. As a consequence, Internet Explorer Enhanced Security Configuration may prevent some Web sites from displaying properly or performing as expected. It may also prevent users and administrators from accessing resources with Universal Naming Convention (UNC) paths on a corporate intranet. This white paper provides information about managing Internet Explorer Enhanced Security Configuration so that users and administrators can access trusted resources and Web sites on a corporate intranet and on the Internet. Examples of how to use Group Policy, scripts, answer files, and user interface (UI) elements to manage Internet Explorer Enhanced Security Configuration are provided.
  • Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2
    Windows XP Service Pack 2 (SP2) includes the Windows Firewall, a replacement for the Internet Connection Firewall (ICF) in previous versions of Windows XP. Windows Firewall is a stateful host-based firewall that discards unsolicited incoming traffic, providing a level of protection for computers against malicious users or programs. To provide better protection for computers connected to any kind of network (such as the Internet, a home network, or an organization network), Windows XP SP2 enables Windows Firewall on all network connections by default. This new behavior can impair some types of communications. This article describes how to deploy the appropriate configuration settings for Windows Firewall on an organization network so that it is enabled and providing protection, and so that communications are not impaired.
  • Secure Wireless Access Point Configuration
    Businesses that have deployed wireless networks usually have many concerns about the security of their solution, whereas businesses that have shied away from wireless technology worry about the obvious productivity and infrastructure savings they may have missed. Well-publicized flaws were discovered in the first generation of IEEE 802.11 WLAN security protocols. Even though many workarounds have been developed through the years, the typical solutions offered to address wireless security issues have either been too costly or have had their own inherent flaws. As the technology has matured to allow for higher speeds and more reliability, the standards used to secure wireless transmissions have also matured. The latest wireless security protocols, WPA and WPA2, based on the IEEE 802.11i standard, help provide strong protection for wireless traffic even in the most rigorous security environments. These current standards, when configured properly, are much more secure and can be used with a high level of confidence in a midsize business environment. This guidance discusses the challenges that midsize businesses face when considering wireless networks, and provides valuable information to design and implement an effective solution for securing a Wireless Access Point (WAP). The solution for securing a midsize business wireless network includes:
    • Assessing WLAN Security
    • Developing a Secure WLAN Solution
    • Deployment and Management
  • Security Monitoring and Attack Detection
    The primary goal of a security monitoring and attack detection system is to help identify suspicious events on a network that may indicate malicious activity or procedural errors. This guidance describes how to develop a plan to help address the need for such a system on Windows-based networks. It also provides instructions about how to implement, manage, and validate such a system.
  • Protecting a Network from Unmanaged Clients
    Security organizations and professionals now understand that internal network risks, whether intentional or accidental, have the potential to be even more perilous than external threats. Many organizations have made significant investments of time and resources in areas such as patch management, anti-malware solutions, and identity management initiatives. To maximize the effectiveness of their investments and to ensure that these investments are used universally, organizations must find ways to efficiently enforce security policies. Rogue computers can be a problem for system administrators and security professionals. Such noncompliant computers pose a number of risks, from being vulnerable to malware infection to being potential platforms for an attack. Traditionally, they have been difficult to manage and bring into compliance. This security guidance discusses some effective approaches that can be used to help enforce compliance with security policies. These approaches maximize the benefits of risk management efforts and add an extra layer of security to midsize business networks that will help reduce the risks associated with untrusted and unmanaged computers.
  • The Security Risk Management Guide
    The Security Risk Management Guide explains how to conduct each phase of a security risk management project and create an ongoing process that drives the organization towards the most useful and cost-effective controls to mitigate security risks. It incorporates real-world experiences from Microsoft IT and also includes input from Microsoft customers and partners.
    This guide references many industry accepted standards for managing security risks. It is an important example of Microsoft's commitment to delivering quality guidance to help customers secure their IT infrastructures.
  • The Security Monitoring and Attack Detection Planning Guide
    The Security Monitoring and Attack Detection Planning Guide is a practical support document for business and information technology professionals who are working to develop systems to monitor security on a network and to detect intruders. Its primary goals and objectives are to:
    • Introduce the concepts of security monitoring and attack detection.
    • List applications that can provide event log correlation.
    • Describe best practice activities and processes for developing a security monitoring and attack detection system.
    • Identify business, technical, and security issues for:
      • Detecting policy violations
      • Detecting external attacks
      • Implementing forensic analysis
    • Design a security monitoring and attack detection solution that can identify when attacks on the network take place.
    • Provide the ability to implement data retention for Forensic Analysis.
  • The Administrator Accounts Security Planning Guide
    The Administrator Accounts Security Planning Guide is designed to be an indispensable resource when organizations plan their strategy to secure administrator level accounts in Microsoft Windows NT-based operating systems such as Windows Server 2003 and Windows XP. It addresses the problem of intruders who acquire administrator account credentials and then use them to compromise the network. The main goal of this guide is to provide prescriptive guidance in terms of the steps an organization can take to secure local and domain-based administrator-level accounts and groups.
    The Administrator Accounts Security Planning Guide is a practical support document for business and information technology (IT) professionals who are planning a strategy for securing administrative users and groups. Its primary goals and objectives are to:
    • Introduce the concepts of securing administrator accounts.
    • Describe the approach to making administrator accounts more secure.
    • Describe the importance of securing administrator accounts.
    • Describe the principle of least privilege.
    • Describe the best practice guidelines to follow to make administrator accounts more secure.
  • The Services and Service Accounts Security Planning Guide
    The Services and Service Accounts Security Planning Guide is designed to be an important resource when organizations plan their strategy to run services more securely under the Microsoft® Windows Server 2003™ and Windows® XP operating systems. It addresses the common problem of Windows services that are set to run with highest possible privileges, which an attacker could compromise to gain full and unrestricted access to the computer or domain, or even to the entire forest. It describes ways to identify services that can run with lesser privileges, and explains how to downgrade those privileges methodically. This guide can help organizations assess their existing services infrastructure and make some important planning decisions in relation to future service deployments.
    The Services and Service Accounts Security Planning Guide is a practical support document for business and information technology (IT) professionals who are planning a strategy for running services more securely. Its primary goals and objectives are to:
    • Introduce the concepts of running services more securely.
    • Describe the importance of running services more securely.
    • Describe the principles and strategies to apply when planning a program to run services more securely.
    • Describe the best practice guidelines to follow to run services more securely.
  • Securing Critical and Service Accounts
    The matter of managing the security for all account types in a network is a very important aspect of managing risk for a midsized business. Internal and external threats must be taken into consideration, and the solution to these threats must balance the need for security with the functionality a midsized business demands from their network resources.
    This paper will help midsized businesses understand the risks associated with administrative, service, application-related, and default accounts. This paper discusses the nature of these accounts, how to identify them, how to determine the appropriate permissions that they require to function, and how to mitigate the risks inherent in elevated service accounts and administrator level accounts.
  • Group Policy Settings Reference for Windows Server 2003
    This spreadsheet lists Group Policy settings described in Administrative Template (.adm) files and Security Settings that shipped with Windows Server 2003 Service Pack 1. This includes all Administrative Template policy settings supported on the following operating systems: Microsoft Windows Server™ 2003, Windows XP Professional with SP2 or earlier service packs, and Microsoft Windows 2000 with Service Pack 4 or earlier service packs. In addition, this spreadsheet includes the following categories of security policy settings: Account Policies (Password Policy, Account Lockout Policy, and Kerberos Policy), Local Policies (Audit Policy, User Rights Assignment, and Security Options), Event Log, Restricted Groups, System Services, Registry, and File System policy settings. Note: This does not include security settings that exist outside of the Security Settings extension (scecli.dll), such as Wireless Network extension, Public Key Policies, or Software Restriction Policies.
    The spreadsheet includes separate worksheets for each of the .adm files and the security policy settings that shipped in Windows XP SP2, a consolidated worksheet for easy searching, and an Update History worksheet that lists policy settings that have been added since the Windows Server 2003 operating systems were released. Using column filters, you can easily filter the information in the spreadsheet by operating system, component, or machine/user configuration. You can also search for information by using text or keywords.
  • Microsoft Exchange Server 2003 Security Hardening Guide
    http://go.microsoft.com/fwlink/?linkid=37804
    This guide is designed to provide you with essential information about how to harden your Microsoft® Exchange Server 2003 environment. In addition to practical, hands-on configuration recommendations, this guide includes strategies for combating spam, viruses, and other external threats to your Exchange 2003 messaging system. Although most server administrators can benefit from reading this guide, it is designed to produce maximum benefits for administrators responsible for Exchange messaging, both at the mailbox and architect levels.
  • Data Encryption Toolkit for Mobile PCs
    http://www.microsoft.com/downloads/details.aspx?FamilyId=1A99576A-FE67-4...
    This toolkit is intended to help you secure the data on your organization’s mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption (BitLocker) technologies.