I'm not going to be in town but for those of you who are, this might be interesting. Toby ----------Forwarded message ---------- Delivered-To: toby@private Return-Path: <sans@private> Received: from server2.SANS.ORG (server2.sans.org [167.216.198.40]) by mail.seaport.net with esmtp; Wed, 21 Aug 2002 11:54:46 -0700 Received: by server2.SANS.ORG (rbkq) id QAJ75051 for toby@private; Wed, 21 Aug 2002 12:44:20 -0600 (MDT) Date: Wed, 21 Aug 2002 12:44:20 -0600 (MDT) Message-Id: <200208218290.QAJ75051@private> From: The SANS Institute <sans@private> Subject: Securing Windows 2000 - Hands on - Gold Standard, September 23, 2002 Precedence: bulk Errors-To: bounce@private Sender: sans@private To: Toby Kohlenberg "(SD517245)" <toby@private> Securing Windows 2000 - Hands on - Gold Standard, September 23, 2002 Greetings, if you are receiving this note it is because SANS believes you live near Portland, OR, where we are offering a one day, hands on course, on September 23, 2002, to teach you how to apply and audit the Gold Standard for Windows 2000 Professional. If you are not interested, I apologize for the intrusion and also at the very end of this note is information you can use to modify your email address or to unsubscribe from SANS mailings. If you want to attend, you will need a laptop with Windows 2000 Professional. Registration is limited to a maximum of 55 people to make the labs manageable. To register, please see http://www.sans.org/Win2KWorldTour and click on Portland, or an alternative city of your choice, if it is available. The Gold Standard is potentially the most important advance in information security. A US National Security Agency study found that more than 85% of successful system compromises would have been blocked had the owners been using the Gold Standard, which was jointly developed by the Center for Internet Security, NSA, DISA, NIST and GSA. In order for the defensive information community to realize the potential improvement available to us, we estimate we need to train 150,000 men and women how to apply and audit the standard. You're smart, you do the math, there is no possibility we are going to reach our goal teaching 55 people at a time. We are asking you to consider coming and to certify and to teach people in your organization how to do this, we will make the support resources available to you. As I write this, we are racing to typeset and print a professional quality book to serve as the text for the Gold Standard. Tools you will learn include: SECEDIT.EXE SECURITY CONFIGURATION & ANALYSIS SECURITY TEMPLATES TOOL HFNETCHK.EXE CIS SCORING TOOL SPECIAL NOTICE: The time it takes to complete one day courses with hands on labs can vary, please be prepared for the course to run late. The course is literally free of any fluff, we will teach you the standard in only one day out of the office. For this to be possible, we expect that you are already familiar with Windows 2000 and will download and install the HFNETCHK.EXE and CIS SCORING TOOL tools prior to coming to class. The secedit.exe tool is included as part of the Windows 2000 operating system. It is a command line utility and as such can be called from a batch file or logon script. Secedit.exe is used to Analyze and Configure security on a Windows 2000 machine. It can be used to apply a security template. Security Configuration and Analysis is a GUI snap-in for the MMC that includes functionality of the Secedit.exe tool, plus a lot more. It is not a part of any built-in consoles but can be added to a custom console. The templates tool is also available as an MMC snap-in. It is not a part of any built-in consoles but can be added to a custom console. The templates tool will list all the built-in security templates by default, located in the C:\Winnt\Security\Templates directory. The HFNetChk tool was developed by Shavlik Technologies for Microsoft in response to many administrators' complaints about needing a reliable method for determining the exact local and remote service Pack and Hotfix level of target machines. HfNEtChk.exe is freely available from the Microsoft website, http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/hfnetchk.asp The Center for Internet Security tool is available on http://www.cisecurity.org/ If you attend the course and your organization decides they want to be a part of the leading edge in information security, The Center for Internet Security, a not-for-profit organization dedicated to establishing minimum standards for security, will offer a discount on CIS membership. To register: http://www.sans.org/Win2KWorldTour and click on Portland, or an alternative city of your choice. The course will be held at a hotel in each city. As soon as the exact course location is confirmed it will be listed on our website at: http://www.sans.org/Win2KWorld Tour. Kind Regards, Stephen Northcutt - The SANS Institute To change your subscription, address, or other information, visit http://www.sans.org/sansurl and enter your SD number (from the headers.) You will receive your personal URL via email. Unsubscribing will take you off any news bulletin lists for NewsBites or Security Alert Consensus as well as any conference information notes. You may also email sans@private with complete instructions and your SD number for subscribe, unsubscribe, change address, add other digests, or any other comments.
This archive was generated by hypermail 2b30 : Wed Aug 21 2002 - 13:56:02 PDT