Home | Site Map | Search | Contacts
About Us
News
Alerts
Events
Services
Resources
Report Incidents
Incident Statistics
Security FAQS
Training
Vacancies
Links

Search NISER
  NISER > Resources > Security Checklist
Policies and Procedures  |  Security Checklist  |  Windows 95/98/NT Security  |  Macintosh Security  |  UNIX Security  |  Router Security  |  Security Tools


Windows NT Microsoft Internet Information Server 4.0 Security Checklist

This checklist outlines some of the steps you should take to secure a Windows NT 4.0 Server running Microsoft Internet Information Server 4.0 on the Internet. Note, this document does not take into consideration firewalls or proxy servers. It also assumes the company has a security policy in place. 

Links:
http://www.microsoft.com/technet/security/iischk.asp
http://www.securityfocus.com/frames/index.html?focus=microsoft

tec-ref.com : Steps for Evaluating the Security of Windows NT Installation

What do you do when you face the task of evaluating the security of a Windows NT system? One approach is to obtain a package such as the Kane Security Analyst (KSA). Check the Intrusion Detection System's Web site at www.intrusion.com or check the Somarsoft site at www.somarsoft.com. Another approach is to manually evaluate the security of a system. Although this can be a daunting task, you will find it a little easier if you follow the steps provided here. This discussion provides quick steps for analyzing the security of a server.

Links:
http://www.ntresearch.com/ntchecks.html

Trusted System Services : Windows NT Security Guidelines

In April 1998, Trusted Systems completed a 1-year project for the National Security Agency (NSA) Research Organization to produce guidelines for securely configuring the Windows NT operating system. The principal author was Steve Sutton of TSS. These guidelines target best commercial and military practice, and are based on extensive research into previous and concurrent efforts. The completed 110-page guidelines are available free from the Trusted Systems web site.

Links:
http://www.trustedsystems.com/NSAGuide.htm

CERT/CC : Windows NT Configuration Guidelines

This document details common Microsoft Windows NT 4.0 configuration problems that have been exploited by intruders and recommends practices for deterring several types of break-ins. We encourage system administrators to review all sections of this document and modify their systems accordingly to fix potential weaknesses. 

Link:
http://www.cert.org/tech_tips/win_configuration_guidelines.html

CERT/CC : Windows NT Intruder Detection Checklist

This document gives some guidelines on looking for signs that your system may have been compromised 
 and also to examine log files . System administrators can use this information to look for several types of break-ins. We encourage you to review all sections of this document and modify your systems to address potential weaknesses. 

Link:
http://www.cert.org/tech_tips/win_intruder_detection_checklist.html

UNIX

CERT/CC : Intruder Detection Checklist

This document outlines suggested steps for determining if your system has been compromised. System administrators can use this information to look for several types of break-ins. A heavily modified version of this document is also available from Technotronic at http://www.technotronic.com/unix.html.

Links:
ftp://ftp.cert.org/pub/tech_tips/intruder_detection_checklist

CERT/CC : Steps for Recovering from a UNIX Root Compromise

This document sets out suggested steps for responding to a UNIX root compromise. Your response should be carried out in several stages.

Links:
ftp://info.cert.org/pub/tech_tips/root_compromise


Disclaimers and copyright information
Last Update March 11, 2001