[ISN] Windows 2000 security draft released

From: InfoSec News (isnat_private)
Date: Thu Jan 31 2002 - 02:20:18 PST

  • Next message: InfoSec News: "[ISN] Windows 2000 security fixes released"

    [The NIST Windows 2K Professional security guide is at: 
    http://csrc.nist.gov/itsec/guidance_W2Kpro.html  - WK]
    By Diane Frank 
    Jan. 30, 2002
    The National Institute of Standards and Technology's security center
    on Jan. 28 released its draft guide for system administrators to
    secure Microsoft Corp.'s Windows 2000 Professional and many of the
    common applications that run on the operating system.
    The NIST Computer Security Resource Center's package, "System
    Administration Guidance for Windows 2000 Professional," is intended to
    describe a recommended process for securing Windows 2000 systems and
    It includes configuration guides, checklists and templates for
    applications such as Web browsers, antivirus software and e-mail
    The guidance is not intended to provide the final word on Windows
    security for agency systems administrators, and the center makes it
    very clear on its Web site and in the guide that agencies should not
    implement any of the recommended settings without first testing them
    within the agency's network.
    "This document is only a guide containing recommended security
    settings. It is not meant to replace well-structured policy or sound
    judgment. Furthermore, this guide does not address site-specific
    configuration issues. Care must be taken when implementing this guide
    to address local operational and policy concerns," the security
    center's site states.
    The center developed the guidance in collaboration with the National
    Security Agency, which has released several configuration guides for
    commercial products, including Windows NT and 2000.
    NIST serves as the primary technical security resources for civilian
    agencies under the Computer Security Act of 1987.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 06:03:11 PST