From:
_____@MICROSOFT.COM]
Sent: Tuesday, March 23, 2004 3:47:03 PM
To: _____
Subject: FYI: Interesting Security Information Downloads for the Week of March 15 -19
Server Security Patch Management at Microsoft
Overview
Detailed discussion on how the Microsoft IT group manages server security patching. Details on internal processes, tools, and Systems Management Server (SMS) 2003 features are given. Also included are the best practices and lessons learned for patch management, including security patch management for servers based on the internal Microsoft IT early adopter experience.
http://www.microsoft.com/downloads/...a5-676f-4f00-bc7a-3c7058f1f327&DisplayLang=en
Microsoft Baseline Security Analyzer Sample Scripts
Overview
MBSA generates individual reports in XML format, but only supports viewing them individually-there is no built-in dashboard or summarization of the results. In addition, there are limitations in the number of hosts MBSA can scan in batch-mode where computer names or IP addresses are read from an input file (/fh and /fip options.) Another limitation is the requirement to be a local administrator in order to scan the local computer.
For each of these cases, there are some great alternatives to broaden the capabilities of MBSA using scripting. These samples provide example command lines, and the sample scripts needed to resolve many of these limitations. Because they are samples, you may adapt them for your needs and extend their functionality.
http://www.microsoft.com/downloads/...18-93c2-4ce2-85d6-3679defe1a3e&DisplayLang=en
Incident Response—Managing Security at Microsoft
Microsoft IT has developed a preventative approach to managing computer vulnerabilities.
http://www.microsoft.com/downloads/...be-4fb0-447a-943a-7484cba0e7c1&DisplayLang=en
Overview
Microsoft IT has developed a preventative approach to managing computer vulnerabilities. Designed to reduce the occurrences and severity of attacks, Microsoft IT's security methodology includes the development of processes to reduce open ports and vulnerable systems and services, manage user permissions, regularly assess risks, and regularly monitor compliance with security guidelines.
IT Operations at Microsoft
Overview
Discussion of Microsoft IT delivers integrated IT and trustworthy infrastructure services for line-of-business and Internet applications while at the same time being Microsoft's first and best customer. See first hand how Microsoft IT runs its business on Microsoft solutions and learn about the lessons and best practices that emerge as Microsoft employees "do IT." This presentation lets you in on how Microsoft IT balances the need for agility with the complexity of operating an IT organization with over 7,000 servers spanning more than 400 sites worldwide. Find out how to make centralized operations and monitoring work, provide incentives for server standardization, and respond effectively to incidents that occur within and outside your network.
http://www.microsoft.com/downloads/...85-6d57-4edc-847d-fb0ad1cabf23&DisplayLang=en
Using the Windows Firewall INF File in Microsoft Windows XP Service Pack 2
Overview
Microsoft Windows XP Service Pack 2 (SP2), now in Beta testing, includes significant enhancements to the Windows Firewall component (formerly known as the Internet Connection Firewall). Windows Firewall is a stateful host firewall that discards unsolicited incoming traffic, providing a level of protection for computers against malicious users or programs. To provide better protection for computers connected to any kind of network (such as the Internet, a home network, or an organization network), Windows XP SP2 enables Windows Firewall on all network connections by default. Network administrators can use the Windows Firewall INF file (Netfw.inf) to modify default settings either before installation or after installation. This article describes the usage of the Windows Firewall INF file.
http://www.microsoft.com/downloads/...1d-2f97-4e63-a581-bf25685b4c43&DisplayLang=en
Deploying Windows Firewall Settings for Microsoft® Windows® XP with Service Pack 2
Overview
Windows XP Service Pack 2 (SP2), currently a Release Candidate in Beta testing, includes significant enhancements to the Windows Firewall component, previously known as the Internet Connection Firewall (ICF). Windows Firewall is a stateful host-based firewall that discards unsolicited incoming traffic, providing a level of protection for computers against malicious users or programs. To provide better protection for computers connected to any kind of network (such as the Internet, a home network, or an organization network), Windows XP SP2 enables Windows Firewall on all network connections by default. This new behavior can impair some types of communications. This article describes how to deploy the appropriate configuration settings for Windows Firewall on an organization network so that it is enabled and providing protection, and so that communications are not impaired.
http://www.microsoft.com/downloads/...e1-61fa-447a-bdcd-499f73a637d1&DisplayLang=en
Securing Remote Users at Microsoft
Overview
Discussion of Microsoft IT's Secure Remote User initiative to improve the security of remote access connections. As part of the company's ongoing Trustworthy Computing strategy, Microsoft's internal IT group safeguards employee remote access connections (around one million per month) to make computing more secure at Microsoft. Although first conceived and articulated by Microsoft, the evolving goals of the Trustworthy Computing initiative will require unprecedented industry collaboration as well as a firm commitment from customers to establishing and maintaining secure environments.
http://www.microsoft.com/downloads/...59-17bf-4430-8578-9ca7d7387e00&DisplayLang=en
Securing Wireless LANs with PEAP and Passwords
Overview
Securing Wireless LANs with Password Authentication is the second security solution for WLANs produced by Microsoft® Solutions for Security. It is a companion to the first solution, Securing Wireless LANs - a Certificate Services Solution. Whereas the first solution was aimed at large organizations, the second is considerably simpler and easier to deploy and is designed for small and medium-sized organizations. The primary technological difference between the two solutions is that the first solution uses public key certificates to authenticate users and computers to the WLAN whereas the second uses user name and password authentication. Other distinguishing features of this solution are that it uses existing (rather than new) server hardware, employs a simpler administrative delegation model, and automates many more of the configuration tasks using scripts and predefined settings.
http://www.microsoft.com/downloads/...a1-9820-480e-aa38-63485eca8b9b&DisplayLang=en
Systems Management Server 2003: Desktop Patch Management at Microsoft
Overview
Detailed discussion on how Microsoft IT uses SMS 2003 to manage the process of deploying critical security updates and critical Microsoft Office System software updates to desktop computers. Microsoft IT turned to SMS 2003 to manage the application deployment process, improve hardware and software asset management, and to manage the deployment of security and software updates across the enterprise.
http://www.microsoft.com/downloads/...30-fe19-44fd-a8fb-acd96b895f40&DisplayLang=en
Smart Card Deployment at Microsoft
Overview
Enterprises that allow remote access to network assets are becoming increasingly vulnerable to hackers and malicious intruders. Microsoft's internal IT group took advantage of its existing Microsoft Windows Server infrastructure, including its private Public Key Infrastructure, to deploy Smart Cards to employees needing remote network access to substantially increase the strength of its network security
http://www.microsoft.com/downloads/...86-ce2b-4e01-b80d-35847c47303b&DisplayLang=en
Trustworthy Messaging at Microsoft
Overview
Microsoft needed to use e-mail for transmitting business-sensitive data but was concerned about security and data privacy. Microsoft's internal IT group deployed a solution they called trustworthy messaging, offering both senders and recipients three levels of protection for their data. These solutions were based on applying Secure Multipurpose Internet Mail Extensions (S/MIME) digital signatures, S/MIME encryption, and/or rights management policies.
http://www.microsoft.com/downloads/...48-fe02-4fd4-b7d0-ff88d8e18c6a&DisplayLang=en
Exchange Server 2003 Security Hardening Guide
Overview
This guide is designed to provide you with essential information about how to harden your Microsoft® Exchange Server 2003 environment. In addition to practical, hands-on configuration recommendations, this guide includes strategies for combating spam, viruses, and other external threats to your Exchange 2003 messaging system. While most server administrators can benefit from reading this guide, it is designed to produce maximum benefits for administrators responsible for Exchange messaging, both at the mailbox and architect levels.
This guide is a companion to the Windows Server 2003 Security Guide <http://go.microsoft.com/fwlink/?LinkId=21638>. Specifically, many of the procedures in this guide are related directly to security recommendations introduced in the Windows Server 2003 Security Guide. Therefore, before you perform the procedures presented in this guide, it is recommended that you first read the Windows Server 2003 Security Guide.
http://www.microsoft.com/downloads/...1f-e5c9-4aef-9a44-504db09b9065&DisplayLang=en
Multilingual User Interface Pack for Rights Management Add-on for Internet Explorer
Overview
The Windows Rights Management Add-on for Internet Explorer provides a way for users of supported Windows operating systems to view, but not alter, files with restricted permission. These restrictions enable authors to prevent sensitive documents, Web-based information, and e-mail messages from being forwarded, edited, or copied by unauthorized individuals. These restrictions provide protection, not only while the information is in transit, but also after the recipient of the information has received it.
Multilingual User Interface Pack
Many enterprise customers have deployed the Windows XP Multilingual User Interface Pack in their corporations as a way to ease desktop administration and reduce desktop management costs in multilingual computing environments.
The Microsoft Rights Management Add-on for Internet Explorer provides support for customers who have deployed this version of the Windows operating system through the release of the Multilingual User Interface Pack for Rights Management Add-on for Internet Explorer.
Note: In order for you to successfully run the Rights Management Add-on for Internet Explorer (RMA) please first install the Windows Rights Management client (RM) <http://go.microsoft.com/fwlink/?linkid=18134>. Installing the RM client places software on your computer that allows it to respond to requests for licenses and keys. The RMA will not correctly run without installing the RM client before the RMA.
http://www.microsoft.com/downloads/...82-e7b6-4953-9ccb-a916075ec73d&DisplayLang=en
Original Equipment Manufacturer (OEM) Quarterly Technical Briefing: February 2004
Overview
This presentation gives an understanding of two important Microsoft initiatives, security sustained engineering in Microsoft Windows products and the pre-"Longhorn" version of Microsoft Windows PE.
http://www.microsoft.com/downloads/...02-ac82-48c4-b671-06f0844769ef&DisplayLang=en
Original Equipment Manufacturer (OEM) Quarterly Technical Briefing: April 2004
Overview
In this month's segment, we will continue our focus on security and Microsoft Windows XP Service Pack 2 as Ryan Burkhardt guides us through advanced security features.
http://www.microsoft.com/downloads/...73-dc90-46c5-840a-e237cc3e12a7&DisplayLang=en
