Courseware URL References, Part: 1
2 3
4 5
6 7
|
Part 1, Identifying Security Risks |
||
| p. 3 (also referenced in Part 5, pp. 8 and 10) |
Microsoft Windows Update Website | |
| p. 3 | Microsoft Security Bulletins (TechNet) | This overlaps some of Microsoft's Security Website |
| p. 9, 12 | Microsoft Security Website | www.microsoft.com/security, contains security bulletins and tools, such as the Microsoft Security Toolkit |
| p. 10 | How to Enable Strong Password Functionality in WinNT 4.0 | Q161990 |
| p. 10 | Microsoft Support Website | http://support.microsoft.com |
|
Part 2, Performing a Risk Assessment |
||
| p. 2 | Microsoft Operations Framework (MOF) | A methodology for managing risk |
| p. 3 (also referenced in Part 3, p. 2) |
Internet Site Security Handbook, RFC 2196 | |
|
Part 3, Developing a Security Plan |
||
| No URL references! | ||
|
Part 4, Strengthening the Perimeter Network |
||
| p. 2 | Internet Assigned Numbers Authority (IANA) | Specifically, a document listing all protocol identification numbers. There are MANY ENTRIES! |
| p. 4 | The RFC on Private IP Addressing schemes | RFC 1918 |
| p. 6 | Microsoft's ISA Firewall product website | |
| p. 16 | The Robert Graham website | Answers questions regarding detecting network intruders |
|
Part 5, Securing Servers, Workstations, and Services |
||
| pp. 8, 11 | Microsoft Personal Security Advisor | www.microsoft.com/security/mpsa,
or www.microsoft.com/technet/mpsa/start.asp |
| p. 8 | Microsoft Network Security Hotfix Checker tool (HFNetChk), developed for Microsoft by Shavlik Technologies LLC (http://www.shavlik.com). | See Q303215 at support.microsoft.com. See also Q305385 for a FAQ on this tool. |
| p. 14 | IIS Lockdown Tool (v. 2.1) [IISLockd.exe] | Located on the Microsoft Security Toolkit CD (contained within MS Course 2604), also from www.microsoft.com/downloads |
| p. 14 | URLScan | Also located on the
Microsoft Security Toolkit CD (contained within MS Course 2604), also from
www.microsoft.com/downloads.
This is a subset of the IIS Lockdown Tool |
| p. 16 | Microsoft Security Bulletin MS00-057 | To prevent file permission canonicalization |
| p. 16 | Microsoft Security Bulletin MS00-078 | To prevent file permission canonicalization |
|
Part 6, Responding to a Security Incident When an Attack Occurs |
||
| p. 3 | Microsoft Operations Manager (MOM) | MOM homepage, to centrally monitor and analyze event logs |
|
Part 7, Maintaining Network Security |
||
| p. 3 | Microsoft Security Bulletins | |
| p. 3 | Windows BugTraq | |
| p.3 | Windows Critical Update Notification Service | Included on the Microsoft Security Toolkit CD. See also Q224420 for more info on what it does and how to obtain it online. |
| p. 3 | Windows Baseline Security Analyzer |
See also Q320454 for more info on the Baseline Analyzer, developed by Shavlik Technologies LLC |
| pp. 4-7 | QChain Tool (QChain.exe) | Included on the Microsoft Security Toolkit CD. See also Q296861 for more info. |
| pp. 8-9 | Windows Update Corporate Site | |
| p. 12 | Microsoft Virus Incident Support | From Microsoft Product Support Services, call 1-866-PCSAFETY |
| P. 12 | Microsoft TechNet Security Site | |
| p. 14 | Microsoft's Security Best Practices | |
|
General References (See also my "References and Troubleshooting" page) |
|
| Webopedia | Web encyclopedia |
| Look at reference books in my library | |
| Screenshots of the ISA MMC (and other products) | |
| My Security & Hacking page | Lots of reference information on these topics |