NSIT: Computing, Networks & Phones

Quick Links:

• Announcements
• Tips & Guidance
• IT Policies
• Rates
• About NSIT
• Resources for IT Staff
• Quick Start Welcome Guide

Search NSIT using Google:

Services only
All NSIT

Home > Services > Technical Tools & Resources for IT Staff > Windows Security

Technical Tools & Resources for IT Staff

Security Tools - Windows Security

Windows 9x, NT, 2000, & XP

The various Microsoft Windows operating systems are among the most prevalent desktop operating systems on the market, and they also see widespread usage as servers in a variety of arenas. One of the reasons for their popularity is their advertised ease of usage and widespread software support. However, just as with UNIX systems, one must pay close attention to the secure configuration and maintenance of these machines if they are to be run on an open network. Below we have compiled a series of links to resources which may help with your running of these machines.

• Microsoft Security TechNet Security Center.
• The CERT Windows NT Intruder Detection Checklist.
• The National Security Agency's Security Recommendation Guides.
• Our brief document on Securing File and Printer Sharing in Windows.

Please remember that security is an ongoing process. Most commonly, machines are compromised by known vulnerabilities for which the software vendors have already released patches. Applying all available patches at system installation and regularly updating the system are your best defense against most attacks.

Windows Service Packs and Hotfixes:

• Microsoft Windows Update Page for automated analysis and patching of systems.
• Microsoft Baseline Security Analyzer.

Microsoft SQL Server

Microsoft SQL Server is a database server package which uses the SQL query language. Like many database server products on the market, it was designed to be operated behind a firewall and needs extra attention to its configuration as well as being current on the security patches to secure it against attack. Microsoft also makes a version of MSSQL Server called Microsoft Data Engine (MSDE) which is often bundled with third party software and is vulnerable to the same attacks as MSSQL Server.

• An explanation of Setting the 'sa' password in Microsoft SQL Server to avoid remote compromise.
• Microsoft's Database and SQL Server Security pages.
• SQL Server Security Page (non-Microsoft).

Microsoft Internet Information Server

Microsoft Internet Information Server is Microsoft's integrated Web and FTP server for the Windows platform. Currently, they ship with many severe vulnerabilities which must be patched before the machine is put on the campus network. The now infamous Nimda and CodeRed worms are still a constant threat on the Internet and unpatched machines do not last long before they are compromised and need to be reinstalled. Users should know that IIS is installed by default on Windows 2000 Server and that many third party applications, such as web design software, install a version of IIS or PWS.

• Microsoft URL Scan Security Tool.
• Microsoft IIS Lockdown Tool.