NISER > Resources > Security Checklist
Windows NT Microsoft Internet Information Server 4.0 Security Checklist
This checklist outlines some of the steps you should take to secure a Windows NT 4.0 Server running Microsoft Internet Information Server 4.0 on the Internet. Note, this document does not take into consideration firewalls or proxy servers. It also assumes the company has a security policy in place.
tec-ref.com : Steps for Evaluating the Security of Windows NT Installation
What do you do when you face the task of evaluating the security of a Windows NT system? One approach is to obtain a package such as the Kane Security Analyst (KSA). Check the Intrusion Detection System's Web site at www.intrusion.com or check the Somarsoft site at www.somarsoft.com. Another approach is to manually evaluate the security of a system. Although this can be a daunting task, you will find it a little easier if you follow the steps provided here. This discussion provides quick steps for analyzing the security of a server.
Trusted System Services : Windows NT Security Guidelines
In April 1998, Trusted Systems completed a 1-year project for the National Security Agency (NSA) Research Organization to produce guidelines for securely configuring the Windows NT operating system. The principal author was Steve Sutton of TSS. These guidelines target best commercial and military practice, and are based on extensive research into previous and concurrent efforts. The completed 110-page guidelines are available free from the Trusted Systems web site.
CERT/CC : Windows NT Configuration Guidelines
This document details common Microsoft Windows NT 4.0 configuration problems that have been exploited by intruders and recommends practices for deterring several types of break-ins. We encourage system administrators to review all sections of this document and modify their systems accordingly to fix potential weaknesses.
CERT/CC : Windows NT Intruder Detection Checklist
This document gives some guidelines on looking for signs that your system may have been compromised
and also to examine log files . System administrators can use this information to look for several types of break-ins. We encourage you to review all sections of this document and modify your systems to address potential weaknesses.
UNIXCERT/CC : Intruder Detection Checklist
This document outlines suggested steps for determining if your system has been compromised. System administrators can use this information to look for several types of break-ins. A heavily modified version of this document is also available from Technotronic at http://www.technotronic.com/unix.html.
CERT/CC : Steps for Recovering from a UNIX Root Compromise
This document sets out suggested steps for responding to a UNIX root compromise. Your response should be carried out in several stages.
Disclaimers and copyright information
Last Update March 11, 2001