Jump to content

Security updates

tain

By tain
in HFSLIP

 Share

NSA mods  

2 members have voted

  1. 1. Should the NSA mods be incorporated into HFSLIP/FDV?

    • No
      0
    • Yes
      0
    • Yes, but just some of them
      0

Recommended Posts

tain

tain

Posted
Posted
NSA has developed security configuration guidance for Windows 2000, with the cooperation of other government agencies and industry partners who provided their expertise and extensive technical review.
http://www.nsa.gov/snac/downloads_win2000....uID=scg10.3.1.1

They have .INFs and all kinds of good info. Any chance of incorpating some/all of this with HFSLIP or FDV's fileset?

Is a poll appropriate for nominating new "features" like this? We'll see how it goes :)

Link to comment
Share on other sites

fdv

fdv

Posted
Posted

fyi, i did base some of my security setting info from templates that i downloaded from the NIST's Computer Security Resource Center. i am downloading the NSA inf files now and i'll have a look. right now i seem to be stalled at 758kb of 15,758kb :wacko:

if someone else wants to start writing instructions on how to implement security templates from CSRC and NSA, i will put it on my site...

so, i'll hold off on my own vote til i actually see these files :D

Link to comment
Share on other sites
saugatak

saugatak

Posted
Posted

FDV I thought you did incorporate some of those mods.

Few concerns I have:

1. Will any of those mods screw up popular programs?

2. Will any of those mods be affected by subsequent security downloads?

FDV I thought you did incorporate some of those mods.

Few concerns I have:

1. Will any of those mods screw up popular programs?

2. Will any of those mods be affected by subsequent security downloads?

Link to comment
Share on other sites
Oleg_II

Oleg_II

Posted
Posted

Sorry if it is not related but I'd like to ask about these Security Templates in i386: are they ALL needed? I'm completely new to it but some of them seems to be foe workstation and some for server :wacko:

Or do they needed on IE-free system at all?

Link to comment
Share on other sites
  • 2 weeks later...
fdv

fdv

Posted
Posted

i finally got some time to comb through these. they are best practice whitepapers. (in other words, they are simply a bunch of PDFs that the NSA has released about good security practices). it's a dry read and they talk about things that most people here would kind of say "huh? why would you do it that way?" for example, the papers talk about securing IIS. if you're using my fileset, you don't install IIS. the papers don't really get into disabling Internet Explorer, even... yet another group of people that don't seem to realize that to make Windows more secure, you really have to rip stuff out of it. so, i can't really recommend bothering with the NSA papers, because even if you are setting up (for example) Active Directory, you'll probably find more useful information in an O'Reilly's book.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...