Windows 2000 Information and Resources on the Internet
Windows 2000 Resources
Microsoft Articles, Whitepapers, and Events on Windows 2000 Don't run yourself ragged trying to navigate Microsoft's huge site trying to find decent resources. We've cataloged the best links from their site here.
3rd Party Articles on Windows 2000 A collection of the best online magazine articles and research papers on Windows 2000 from around the web.
Windows 2000 Web Sites The search engines haven't caught up with all of the new Windows 2000 Web Sites popping up, but we look for them all the time. Here's our picks for the Best of the Web.
Windows 2000 Feature Summary Get past the hype and propaganda. Here's a quick LabMice primer on what's new in Windows 2000 and how it will affect you.
The Windows 2000 FAQ From NTFAQ.com
Windows 2000 Orientation Confused about Windows2000? Check out Graeme Bennett's excellent Orientation Guide.
Active Directory Windows 2000 new directory services make some jobs easier, but setting it up is not for amateurs. We've collected all the best articles, whitepapers, and tutorials from around the web.
Microsoft's Windows 2000 Pages
Windows 2000 Features Descriptions Microsoft's overview of the major services provided by WIndows 2000 Server.
Windows 2000 Technical Resources Microsoft's Resource Center for all of the technical whitepapers related to Windows 2000
Microsoft Windows 2000 Professional Home Page This is the next version of NT Workstation. Lots of cool new features.
Windows 2000 Professional Documentation An updated, online version of the documentation that comes with the Win2000 Professional Beta CD's
Microsoft Windows 2000 Server Home Page The new NT Server will be a lot different than NT 4.0. Active Directory, Kerberos Security, transitive trusts, IntelliMirror. Get prepared for the next release by reading the MS Whitepapers now.
Windows 2000 Server Documentation An updated online version of the documentation that comes with the Win2000 Server Beta CD's
Windows 2000 Advanced Server Help An officially unpublished work by Microsoft that includes a Best Practices Database, Checklists. New Features, etc.,
Overview of Windows 2000 Server Products General information, from Microsoft.
Corporate Preview Program Order your copy of Windows 2000 Release candidate 2, from Microsoft. Find out what's new in RC2
Best Practices Index for Windows 2000 A list of tips and recommendations for specific Windows 2000 components from Microsoft.
Best Practices for Windows 2000 Installation The official recommendations from Microsoft.
Configuring Enterprise Security Policies - Walkthrough Microsoft downloadable tutorial on using the new Security Configuration Toolset and Group Policy Editor
Distributed File System: A Logical View of Storage Microsoft Whitepaper on Dfs from the TechNet CD Online.
Deployment Guide: Automating the Windows 2000 Upgrade From Microsoft TechNet, tips for unattended installations of Windows 2000 Server and Professional.
Distributed File System Overview of Windows 2000 Dfs from Microsoft.
How Applications Certified for Windows 2000 Simplify Desktop Management Microsoft whitepaper.
Introduction to Windows 2000 Group Policy From Microsoft TechNet, a Whitepaper on Windows 2000 Group Policies - one of the key components of Change and Configuration Management of IntelliMirror.
Microsoft Official Curriculum for Windows 2000 The new recommended training curriculum from Microsoft.
MS Distributed File System version 4.1 for Windows NT Server for Administrators Guide Can't wait for Windows 2000, and gotta play with Dfs now? Get the documentation here.
Optimizing Your Files with Microsoft Disrtibuted File System Version 4.1 A reprint of a TechRepublic article, from the Microsoft TechNet CD Online.
TCP/IP Implementation Details for Windows 2000 A walk-through from Microsoft on setting up TCP/IP on W2K.
What's new or different from DOS? A table that explains Windows 2000 System Commands not found in MS-DOS
Intrusion Detection Resources
An
Introduction to Intrusion Detection and Assessment
By Becky Bace in PDF format.
An
Introduction to Intrusion Detection
An article written by Aurobind Sundaram in the Association for Computing
Machinery's newsletter Crossroads.
COAST
Intrusion Detection Pages
An excellent primer on Intrusion Detection.
FAQ: Network Intrusion
Systems
A well done FAQ that covers the core concepts of Intrusion Detection on
several operating systems.
Getting the drop on
Network Intruders
An overview of Network Intrusion Detection Software by Ellen Messmer Source:
Network World, 10/04/99
Managing
Intrusions
A brief Whitepaper by Peter Stephenson that covers the basics.
50 ways to
defeat your Intrusion Detection System
By Fred Cohen & Associates
Anatomy
of an Intrusion
A great eye-opening article on Intrusions by Greg Shipley, Source: Network
Computing's Security Workshop, (Oct 1999)
Can
Intrusion Detection Keep an Eye on Your Network's Security?
Catching network and host attacks as they happen sn?t always possible with
firewalls and other security tools. Intrusion detection can be your eyes and
ears throughout the enterprise. Source: Network Magazine (April 1999)
Cracker
Tracking: Tighter Security with Intrusion Detection
An Article in BYTE Magazine by Michael Hurwicz. Discusses the differences
between host and network based detection systems and does a brief comparison of
some of the major products on the market.
Computer
Security Incident Handling: Step-by-Step
Advice on how to respond to break-ins and hacker attacks. Source: SANS.org
Data
Mining Approaches for Intrusion Detection
An interesting whitepaper from Columbia University's Computer Science Department
Detecting
Signs of Intrusion
From CERT at Carnegie Mellon University
Effective
Security Monitoring
A sample chapter from MS Press Security, Audit, and Control Book.
Hacker
Alert - Intrusion Detection Software is hot , but can it really stop Hacker's
cold?
A hard look at what options are out there, and how they actually function in the
real world, by Ellen Messmer in Network World, Sept 27, 1999
How
to Audit Windows NT Security
Article by Stuart Henderson, Sept 1997
How to
Build a Honeypot
An excellent and unique article by Lance Spitzner on how to create a lab
environment to teach and learn how hackers test system vulnerabilities.
Incident
Handling
A little planning goes a long way when handling computer break-ins. Source:
Network Magazine (Jan 2000)
Intrusion
Detection Tools to stop hackers cold.
A review of host based monitoring and network based scanners by Ellen Messmer.
Source: Network World, 2/15/99
Intrusion
Today
A small news archive from the NetworkICE corporation
Intrusion
Detection and Response
A whitepaper on the viability of Intrusion Detection Systems from National
Info-Sec at the Lawrence Livermore National Laboratories
Intrusion
Detection provides a pound of prevention.
Article by Mark Abene in Network Computing's Security Workshop, August 1997
Intrusion
Detection Take 2
A second look at intrusion-detection systems shows that a combination of
network-based and host-based technologies is a promising strategy. But is it
ready to safeguard your network?
Source: Network Computing (Nov 1999)
Responding
to Intrusions
From CERT at Carnegie Mellon University
Security
Reality Check
Intrusion detection spots bad things happening in your network?..sometimes.
Source: Network Magazine (July 1999)
Sniffing
out Network Intruders
A Product comparison and introduction to Network Sniffer programs Source:
InfoWorld's Test Center. (Feb 1999)
Spotting
Intruders
A great article by Brian Robinson. Source: Federal Computer Week, March 1999
To
Catch an Internet Thief
Tracking intruders back to their lairs may require an Internet posse. Source:
Network Magazine (Feb 1999)
Working
with the NT Security Log,
By Paul E. Proctor, Windows NT Systems Magazine, Sept 1997
Online Events, Tutorials, and
Walk-Throughs
Free Microsoft Official Curriculum Course for Windows 2000 Get a jump on the next version of NT! Microsoft has just released a free self-paced Microsoft Official Curriculum (MOC) course to help you prepare for a migration to Microsoft Windows 2000. This course provides you the strategy and skills necessary to prepare a Windows NT 4.0-based network for migration to the Windows 2000 operating system. The course will leverage your existing administration and support skills to present a strategy of best practices that, when deployed, will prepare computers and networks for Windows 2000 in the best way possible.
How to Analyze and Optimize Windows 2000 Server Network Traffic TechNet Event #TNQ200-12 NEW
How to Deploy Windows 2000 Security in Corporate Networks TechNet Event #TNQ200-13 NEW
How to Prepare for Windows 2000 Professional Microsoft TechNet event - available in PowerPoint slides
How to Deploy Windows 2000 Server Microsoft TechNet event - available in PowerPoint slides.
How to design a Windows 2000 Networking Infrastructure TechNet Event viewable via Windows Media Player and PowerPoint.NEW
Linking Networks, Branch Offices and Partners An overview of the improved Routing and Remote Access features of Windows 2000
Step by Step Guides Downloadable Windows 2000 tutorials from Microsoft
Top Three Actions to Prepare Your Current Network for Win2K Microsoft Online Seminar, 7 Minutes, 02/26/99.
Windows 2000 Daily Cycle Video Windows NT build cycle video from Microsoft.
Windows 2000 Initiatives at Microsoft In-depth discussion of the development and deployment of the new OS, from Microsoft.
Windows 2000 Live Deploying Beta 3, Microsoft Event, June 1999.
Windows
2000 Server Architectural Overview and Update TechNet event via Windows
Media Player.
Technical Articles
Active
Directory Glossary A whole new list of terms you'll need to know when
deploying Windows 2000.
Active Directory Display Specifiers An introductory article from Microsoft in Word format
Active Directory Logical Structure An excerpt from the Windows 2000 Resource Kit
Active Directory Service Interfaces An overview of integrating multiple directory services through ADSI. In Word format.
Active Directory Services Interfaces Overview. An introduction to ADSI from Microsoft
Active Directory Technical Summary Overview of AD from Microsoft, including migrating from NT 4.0
Distributed File System Overview of Windows 2000 Dfs from Microsoft.
Dynamic Host Configuration Protocol for Windows 2000 Server. Microsoft paper describing the improvements to DHCP in Windows 2000
Managing the Active Directory Whitepaper from TechNet
Upgrading and Deploying File, Print, and Web Services Scenario based Deployment Article from Microsoft TechNet CD Online NEW.
Windows 2000 Hardware Compatibility List
Windows 2000 Alphabetical List of new Features From the Microsoft Windows 2000 Online documentation
Windows 2000 Commands For all of you Command Line junkies, a list of the new and updated Commands for Windows 2000.
Windows 2000 Deployment Tutorials A long list of walk-throughs and tutorials on setting up Win2000 Server and it's components.
Windows 2000 Installation Checklist Make sure you give this a once over before you start your install.
Disaster Recovery and Business Continuity
Surviving
an NT Disaster
An overview of Disaster planning for IT Administrators. Source: Windows NT
Systems Magazine (Dec 1998)
The Data
Recovery Decision
A paper by Ontrack Data Recovery, Inc. that discusses data loss dangers,
critical data risks, how to find the optimal solution, and when data recovery is
necessary. Source: Summit Online
The
many phases of Strategic Recovery
Article from Weyerhaeuser Disaster Recovery Services
Thunderstorms
and Lightning: A Preparedness Guide.
A quick primer by Chris Floyd, the Disaster Services Director of the American
Red Cross. Source: Disaster-Resource.com
Turning
your Disaster Recovery Expense into a corporate asset
Using your DR plan to re-examine your business processes. Source: Weyerhaeuser
Disaster Recovery Services
When
Disaster Strikes...
Come hell or high water, today's business environment demands that your data
networks keep running. What's the best solution for disaster recovery. Source:
Network Magazine (Jan 2000)
Windows
2000 Server Disaster Recovery Guidelines
Network administrators must develop disaster prevention and recovery procedures
for their software and files. This paper details a strategy for that, and lists
new or enhanced Windows 2000 file system, data storage, and System State
features. As well, this paper introduces the improved Windows 2000 Backup
utility and provides guidelines for recovery of machines running Microsoft
Windows 2000 Server. Source: Microsoft.com (March 10, 2000)
UPS
Buyers Guide
By Ramon Loyola, Windows NT Systems, July 1999
A
Practical Guide to Electricity for Network Administrators
By Candy Prince, Windows NT Systems Magazine, July 1999
Backup
Against Disaster
Article by Steve Rigney spells out why a network backup should be an essential
element of any solid disaster recovery plan. Covers backup basics, tips,
replication, and software review.
Source: PC Magazine (March 24, 1998)
Backups and Disaster Recovery
Great primer that stresses the value of backups, risks, backup methods, devices
and media, scheduling, media rotation, what and how to back up your data, and on
how to make boot disks. Source: PCGuide.com
Computer
Security Incident Handling: Step-by-Step
Weather isn't the only type of Disasters. Hackers can destroy your network as
well. Learn how to implement an effective response. Source: SANS.org
Disaster
Recovery: A Key component in any Quality Program
Getting management to see DR as not just another "insurance" program.
Source: Weyerhaeuser Disaster Recovery Services
Disaster
Recovery for Frame Relay Networks
Whitepaper that covers risks, common Frame Relay failures, steps for successful
DR planning, recovery options, etc. Source: ADTRAN.com
Efficient Use
of Workplace Telephones after Disaster Strikes
A must read article by Judy Bell, a retired Division Operations Manager at
Pacific Bell, and President of Disaster Survival Planning. Source:
Disaster-Resource.com
Facing
Reality
Successful Disaster Recovery is all about managing Unexpected Situations.
Source: Weyerhaeuser Disaster Recovery Services
Hurricanes 101
A quick primer on Hurricanes by Chris Floyd, the Disaster Services Director of
the American Red Cross. Source: Disaster-Resource.com
Recovering
from a Network Disaster
Source: Windows NT Magazine,
SANS Network
Security Roadmap
Hacker-proofing, advance planning before they hit you - A Computer Security
Roadmap
Written for UNIX Admins, but plenty of useful information for everyone.
Smooth Moves
Relocating a data center can be enough of a challenge; doing so with minimal
business disruption demands good luck and great planning. Some of the most
successful moves have been little more than activations of customized versions
of the operations' disaster recovery plan. Source: Rothstein.com
Storage
Management Technology
By Curtis Preston, Windows NT Systems, July 1999
Contingency Planning
Outline
A brief outline of a DR plan as an example to convey the typical content of a
detailed contingency plan. The format will likely vary for each organization.
Components may be combined in lists, matrices or charts. Not all components will
apply to all organizations. Source: Kansas Department of Administration
Disaster Recovery Planning
A sample Disaster project plan outline from the University of Toronto.
Source: University of Toronto
Disaster
Recovery Planning - Have You FORGOTTEN...??
All the little things that many people forget to put in their DR plans. Source:
DisasterRecoveryPlan.com
Download an
Outline
Ready to get started? The disaster recovery plan outline provides a hands-on
framework for building your own plan. Source: DLT.com
DRJ Sample Recovery Plan
A free outline, with access to the full plan for subscribers to Disaster
Recovery Journal (The subscription is free.) Source: DRJ.com
MIT Business Continuity
Plan
This is an external release of the MIT Business Continuity Plan.
For information on the plan or Business Continuity Planning at MIT, call Jerry
Isaacson MIT Information Security Office at (617) 253-1440 or send e-mail to gii@mit.edu
Nestle USA:
Creativity as a Key to Disaster Recovery Planning
A Whitepaper describing the challenges a unique solutions that went into Nestlé's
DR plan. Source: Disaster-Resource.com
Plan Writing
Tutorial
Have you been charged with creating or re-working your company's disaster
recover plan? This informative article will walk you through all the steps
necessary to ensure your plan is strong and successful. Source: DLT.com
UW Madison and
UW Wisconsin Sample Library Disaster Recovery Plan
This document outlines recovery plans for the UW-Madison and UW-Milwaukee
Library systems managed by the Library and Information Retrieval Applications
(LIRA) staff. The purpose of this plan is to ensure that critical operations can
resume or continue normal processing after a hardware or software failure.
Washington State's DIS
Disaster Recovery Plan
An excellent example of a well done DR plan, in PDF Format. Source: wa.gov
7-Step Planning
Methodology
Seven steps that most experts agree should be included in any disaster recovery
business continuity planning process.
Auditing Your
Disaster Recovery Plan
A closer look at High Tech Crime, and the possibility of it becoming the most
likely disaster in the 21st Century. Source: Disaster-Resource.com
Components of
a Successful LAN Disaster Recovery Plan
A must read article by Leo A. Wrobel. Source: Disaster-Resource.com
Data-Security
Best-Practices Primer - Part 1: Backup
If your system crashes, do you have a backup and recovery process? Source:
DLTtape.com
Data-Security
Best-Practices Primer - Part 2: Archive
Will you be able to access important data when you need to? Source: DLTtape.com
Disaster
Recovery Planning
A sample recovery outline from the Computer Security Administration at the
University of Toronto. A great reference if you need assistance in creating one
for your organization.
Getting Started:
Disaster Recovery Planning
A great primer on how to formulate a DR plan without destroying your budget.
Source: disasterplan.com
Implementing a
Disaster Recovery Plan - Before Disaster Strikes
Brief overview and recommendations by Nathan Rector.
Preparing the
Disaster-Recovery/Business- Continuation Plan
Tips on how to start on your plan. Source: Disasterplan.com
Surviving a
Computer Systems Disaster: A Business Continuity Planning Primer
For professional who are serious about disaster recovery, this white paper is
rich and deep in information. As a single offering, it is the most comprehensive
resource on the site.
Win 2000 Network Security Articles and Whitepapers
Communications and Network Services An overview of the services in Windows 2000
Enterprise Class Storage in the Next Generation of Windows NT Microsoft White paper, December 11, 1998.
Increased Reliability, Availability, and Scalability Microsoft article, April 19, 1999.
Planning a Migration from Windows NT to Windows 2000 Downloadable Whitepaper from Microsoft.
Support and Management Improvements Microsoft Whitepaper in Word format, Posted June 1999
What Others Are Saying [About Win2K] Collection of articles and news stories, by Microsoft.
Windows 2000 Compatibility Guide From the Microsoft Support Center
Windows 2000 Professional in a Windows NT Server 4.0 Environment. A whitepaper in Word format. Posted June 15, 1999
A
Blue Book for Network Security
How to calculate the cost of computer crime. Source: Network Magazine (June
1998)
Anatomy
of a Hack
A Hacker challenge reveals that success is in the details. Source: Network
Magazine (Dec 1999)
Can
You Survive a Computer Attack?
How to craft an incident response strategy and team. Source: Network Magazine
(Aug 1998)
CERT's
Security Improvement Modules
An excellent series of articles and checklist to help lock down your network
Centralizing
Security Control,
By John Gardner, Windows NT Systems Magazine, (Sept 1997)
Close
the door on hackers--secure your network
An overview of simple procedures you can use to keep your data from falling
into the wrong hands. Source: Windows NT Professional Magazine (July 1999)
Common
Criteria for Information System Security Evaluation v. 2.0
Soon to be the new ISO standard
Da
Bomb
Feeling safe and secure behind your firewalls? There's one threat they can't
protect you from: a ping of death that comes from the software on your system.
And the Uniform Computer Information Transactions Act (UCITA) could make it
legal. Will the ping of death strike your software? Source: InfoWorld (Dec 1999)
Distributed
Security
Sample chapter from Distributed Operating Systems Source: Microsoft TechNet
CD Online
Distributed
Denial of Service Defense Tactics
This paper details some practical strategies that can be used by system
administrators to help protect themselves from distributed denial of service
attacks as well as protect themselves from becoming unwitting attack nodes
against other companies. Source: SimpleNomad
Effective
Security Monitoring
A sample chapter from MS Press Security, Audit, and Control Book. Source:
Microsoft TechNet CD Online
Hack
your Network and Management will come
A great article by Stuart McClure on how to talk upper management into seeing
the wisdom of security audits. Source: InfoWorld.
Hacking
Techniques
An excellent primer on common techniques from SecurityWatch.com
Hardening
Windows NT against Attack
By Paul E. Proctor, Windows NT Systems, January 1999
Internet
Information Server 4.0 Security Checklist
A simple checklist in a downloadable self extracting Zip file to help you lock
down your IIS Servers. Source: Microsoft Security Advisor.
Is
Someone Scanning Your Network?
An inside look at how hackers stalk their prey. Source: Network Magazine (Sept
1998)
IT
Baseline Protection Manual
Excellent Web-Site that recommends measures to meet Medium-Level Protection
Requirements for Windows NT, Unix, Novell, Firewalls, PBX, Databases, Email,
etc.) They even offer a free CD! Don't worry about the German intro, the site is
in English (although they could use a better translator).
IT
Security Cookbook
A great online "book" designed as a self help guide for managers,
programmers, and network administrators.
Know your enemy
Great article by Lance Spitzer on the tools and methodology of the most common
black-hat threat on the Internet, the Script Kiddie. By understanding how
they attack and what they are looking for, you can better protect your systems
and network.
Know your enemy Part II
How to determine what the enemy is doing by analyzing your system log files.
Includes examples based on two of the most commonly used scanning tools on the
Internet, sscan and nmap.
Know your enemy Part
III
What happens after the script kiddie gains root. Specifically, how they
cover their tracks while they monitor your system. The paper goes through
step by step on a system that was recently compromised, with system logs and
keystrokes to verify each step.
Maintaining
Registry Security
MSDN Online library article.
Murphy's Law
and Computer Security
A classic paper by Wietse Venema at the Eindhoven University of Technology
Naval Postgraduate School, Monterey, CA CS4601 COMPUTER SECURITY Notes Self Explanatory, and a great general resource.
Notes from the Underground: Hackers
scoff at NT and certified firewalls
Reprinted from the January 1997 issue of Computer Security Institute's monthly
newsletter, Computer Security Alert.
NT
Security FAQ
An exceptional (and fairly large) guide to NT Security in the familiar FAQ
format. One of the nice things about this FAQ is that it includes footnotes for
most of it's references. A must read!
NT
Vulnerabilities
By Paul E. Proctor Windows NT Systems Magazine. November 1998
Passwords 101: Ten
tips to help you tighten Windows NT's security
Common sense advice on making sure your password policies are tough enough
to discourage would be hackers. Source: Windows NT Professional Magazine (March
1998)
Plug
those known holes
Malicious hackers are most likely to breach a corporate network through known
security problems, but many administrators still lag in applying patches and
upgrades, a security expert says. Source: Computer World. (Dec 1999)
Qwest
for Network Security
A growing communications carrier went looking to improve its network security.
It found the right man, and the right tool, for the job. Source: Network
Magazine (April 1999)
Raptor Systems' Security
Library
Hundreds of must read articles in PDF and Postscript format.
SANS Network
Security Roadmap
Hacker-proofing, advance planning before they hit you - A Computer Security
Roadmap
Written for UNIX Admins, but plenty of useful information for everyone.
Securing NT
Server
The Chicago branch of Network Computing's labs has long been known for its harsh
criticism of Microsoft Corp. when it comes to Windows NT security. However, even
though lacing into NT is one of our favorite pastimes, securing it is far less
humorous. With NT's massive array of services and subsystems, it's difficult--at
best--to identify all the problems, much less protect against them. Source:
Network Computing (April 2000)
Steps for Evaluating the Security of a Windows NT Installation
Securing
Windows 2000 Network Resources
Administration of a Microsoft Windows 2000 operating system-based network is a
important task that has become much simpler. The administration tools and the
directory service infrastructure (for user accounts and authentication) provide
and control access to network and application resources. This guide focuses on
setting up user accounts and using groups to control access to resources such as
file share, printers and Web servers. Source: Microsoft.com (March 7, 2000)
Security
Hot Spots to Watch for.
Great advice from InfoWorld's Test Center
Security
Threats: Motives and Methods
Part 2 of a Virus tutorial that provides an overview of general network threats
by Diane Levine. Source: Planet IT (Oct 1999)
Securing
Windows NT Server
Security requires more than just firewalls and proxy servers. Your operating
systems must be bulletproof as well. Here's how to secure your Windows NT
systems. Source: Network Magazine (Feb 1999)
Securing
a Windows NT 4.0 installation.
Microsoft Whitepaper downloadable in Word document format.
Security
Services for Windows NT
An overview of NT security services, from Microsoft TechNet.
Software
Security Considerations
Do you know what holes your third party products are putting in your OS? Article
from MSDN Online.
Strategies
for Defeating Distributed Attacks
With the advent of distributed Denial of Service (DoS) attacks such as Trinoo,
TFN, TFN2K and stacheldraht, there is an extreme interest in finding solutions
that thwart or defeat such attacks. This paper tries to look not just at
distributed DoS attacks but distributed attacks in general.
Take security to the
next level with system policies
How to create and implement effective system policies to simplify network
administration and increase security. Source: Windows NT Professional Magazine
(April 1999)
The End of
Privacy
Think you have a secret or two that no one, but no one, can find out? Think
again. Computers started to strip you naked, and now the Web is finishing off
the job. By Adam L. Penenberg Source: Forbes (Nov 1999)
The
Castle Defense.
A primer for Enterprise system and Network Protection by Fredrick M. Avolio.
Performance Computing. Although primarily a UNIX Journal, this article was too
good to pass up.
The
Ins and Outs of a Network Security Audit
From Info World's Test Center, a great summary of how to conduct a security
audit.
To Build
a Honeypot
One method of building your own honeypot to learn more about the black-hat
community. The tools and methods discussed are how Lance Spitzer did his
research for the "Know Your Enemy" series.
To
Catch an Internet Thief
Tracking intruders back to their lairs may require an Internet posse. Source:
Network Magazine (Feb 1999)
Towards
a Taxonomy of Network Security Assessment Techniques
Vulnerability assessment tools are coming into widespread use, but the methods
that they use are not well understood. We present a taxonomy of methods for
testing if a target is vulnerable to a particular attack.
Trusted
Systems NSA Guide
In April 1998, Trusted Systems completed a 1-year project for the National
Security Agency (NSA) Research Organization to produce guidelines for securely
configuring the Windows NT operating system. These guidelines target best
commercial and military practice, and are based on extensive research into
previous and concurrent efforts. The completed 110-page guidelines are available
free from the Trusted Systems web site.
Unofficial NT Hack FAQ
An FAQ for Hackers on how to break NT security. A useful primer for SysAdmins.
From Simple Nomad.
USENET
Computer Security FAQ's
Ohio State University's Usenet FAQ's on Computer Security.
US Navy Guide to Secure Windows NT 4.0 Installation and Configurations
Windows
NT Made Secure,
By Tim Parker, Windows NT Systems Magazine, (May 1997)
Microsoft Updates for Windows 2000 product lines
Critical
Updates, Service Packs
Windows
2000 Evaluation Upgrade Utility
Download this utility if you have installed the Windows 2000 Evaluation Edition
and want to upgrade it to full code using the Windows 2000 Upgrade CD. To
successfully complete the upgrade, you will need to have a valid qualifying
Windows CD such as Windows 98 or Windows NT 4.0.
Iomega
Parallel Port Drivers Support
IntelliPoint 3.1a software (Windows 2000 drivers)
Microsoft TroubleShooters
Windows 2000 System Tools / Utilities
RegRepair
2000
RegRepair 2000 will fix IOS errors without having to reformat your hard drive.
It will find and remove or replace corrupted fonts. It will find and repair
DRV's, DLL's, and VXD's that are missing, corrupted or causing FailToLoad or
Initiate. It will find these problems and repair them before you to get locked
out of Windows and are forced you to reformat. RegRepair 2000 fixes what
reinstalling Windows without reformating cannot. RegRepair 2000 will work in
Windows or Safe Mode, but does not work from the DOS prompt. V
Windows
2000 Readiness Analyzer
Analyzes your system and reports potentially incompatible hardware devices and
software applications. The tool compares the devices and applications on your
system against a list of known issues. The tool can be run online, downloaded
and run against offline computers or run against corporate networked computers.
netOctopus
Windows 2000 Readiness Kit
you will be able to scan the network and view machines in concise reports by
whether or not they adhere to the basic requirements of Windows 2000.
Windows
2000 System Preparation Tool
enables administrators to prepare Windows 2000 System Images as part of an
automated deployment. Sysprep 1.1 is an update to Sysprep 1.0 and adds the
ability to reduce the number of images required in a deployment by supporting
multiple mass storage controllers.
Windows
2000 Active Directory Migration Tool
can use this tool to diagnose any possible problems before starting migration
operations to Windows 2000 Server Active Directory. You can then use the
task-based wizard to migrate users, groups, and computers; set correct file
permissions; and migrate Microsoft Exchange Server mailboxes. The tool's
reporting feature allows you to assess the impact of the migration, both before
and after move operations.
Enterprise
Configuration Manager
automates and centralizes tedious and repetitive tasks, and efficiently monitors
Windows NT Workstation and Server configuration settings--allowing
administrators to implement enterprise-wide standards
Windows
2000 Customer Support Diagnostics Tools
contains debuggers (KD, Windbg, CDB), debugger extensions (retail and debug
versions for both Windows NT 4.0 and Windows 2000), and other related debugging
tools.
Windows 2000 Upgrade Links
Windows 2000 Professional
Windows 2000 Server
Windows 2000 Compatibility
Windows 2000 Security
Microsoft
Windows 2000 Security Services
Windows
2000 Security Tools
Windows 2000 Internet Server Security Configuration Tool : tool lets you
configure an IIS 5.0 server without needing to configure individual registry
settings, security policies, and other details. The tool interviews you to
determine what functionality you need, and then generates and deploys the policy
on the server.
Windows
2000 Kerberos Authentication
Windows
2000 Kerberos Interoperability
Step-by-Step
Guide to Kerberos 5 (krb5 1.0) Interoperability
Kerberos Papers and Documentation
Windows 2000 FAQs / Tutorials / Educational/ Informational Sites
Microsoft's
How It Works
architectural overviews, functional specifications, general usage information,
and technical detail arranged by major service category.
How
to Set Up and Troubleshoot Multiple Monitors in Windows 2000
Windows
2000 Deployment Guides
Microsoft
Windows 2000 Technical Library
White papers, deployment guides, active directory in depth, clustering,
networking, security, and online help. Definitely spend time HERE.
Step-by-Step
Guide : Installing a Windows 2000 Server as a Domain Controller
Step-by-Step
Guide : Installing and Connecting a Windows 2000 Professional Workstation
Windows
2000 Professional in a NetWare Environment
Services
for NetWare v.5
The resource for Microsoft Windows 2000 Interoperability with NetWare.
Automating
Deployment of Windows 2000 Professional and Office 2000
Windows
2000 Server management services
IBM
Redbook Download: Migrate from NT4 to Windows 2000 Servers
Introduction
to Windows 2000 Group Policy
Using
the remote access services of Windows 2000 Server
Encrypting
File System for Windows 2000
Windows
2000 Performance Optimization
Windows
2000 Time Synchronization Service
How
to Install Distributed File System (DFS) on Windows 2000
Rio500
under Windows 2000 HOWTO
Anti Virus Articles and Whitepapers
Outlook
Tips and Techniques
What does the Outlook E-mail Security Update do and should you roll it out in
your company? Sue Mosher gives the pros and cons and suggests other Outlook
features that can help you improve email security.
Exchange Administrator Newsletter / Feature / August 2000
The
Evolution of 32-Bit Windows Viruses
In the battle to secure your systems against viruses, arm yourself by knowing
where viruses originate, what forms they can take, and how they can damage your
systems.
Windows 2000 Magazine / Features / July 1, 2000
No
Free Lunch at the Dog Food Diner
The outbreak of a new LoveLetter-type virus points out that Microsoft is not
eating its own dog food. And other large companies are not taking security
seriously enough either.
Windows IT Security / In Focus / July 2000
Microsoft
Criticized for Outlook Love Bug Patch; Changes Tune
Microsoft announced late Wednesday, May 24, that it will delay the Outlook patch
until the week ending June 2. Microsoft now plans to include the ability to
modify the list of restricted files.
Windows 2000 Magazine / NT News / May 26, 2000
Outlook
Patched After Recent Viruses
Microsoft plans to release an Outlook security patch in the wake of the
devastation wrought by the Loveletter (aka Love Bug) virus, a Visual Basic (VB)
Script bug that propagated by exploiting Outlook's address book feature to pass
itself along.
Windows 2000 Magazine / NT News / May 24, 2000
Most
Dangerous Variant of VBS/Loveletter Yet
A new variant of the VBS/Loveletter virus is loose today. Officially dubbed
VBS.NewLove.A or VBS.Loveletter.FW.A, this virus disables Windows systems by
replacing all files not in use.
Windows 2000 Magazine / NT News / May 19, 2000
New
Love Packs a Wallop
As expected, several variations of the Love Letter worm are making their way
around the Internet. However, the latest rendition, named New Love, is far
meaner and trickier than the rest.
Windows 2000 Magazine / NT News / May 19, 2000
Backpedaling
Toward Security
After the recent Love Letter virus, Microsoft scrambles to make Outlook more
secure.
Windows IT Security / In Focus / July 2000
Content
Scanning and User Education Help Reduce Virus Risks
If last week's ILOVEYOU virus caused your company major problems, read Jerry
Cochran's advice on how you can prepare your systems for future similar attacks.
Windows 2000 Magazine / Exchange Server Administration / May 12, 2000
Is
the Windows Platform Overpowered?
Some users believe that the powerful scripting technology installed as part of
the integrated desktop and Microsoft Office applications creates a security
risk.
Windows IT Security / In Focus / July 2000
Global
Virus Insurance 24h-365d
Deploy virus updates automatically.
Windows 2000 Magazine / Lab Reviews / June 2000
Love
Letter Virus – An Update
Variations of the newly discovered Love Letter virus, a Visual Basic (VB)-based
script that arrives with a message subject of "ILOVEYOU," are already
spreading.
Windows 2000 Magazine / NT News / May 5, 2000
New
Virus Loves You
A new virus is spreading rapidly through email as a file attachment targeted at
Outlook and Internet Explorer users. The newly discovered virus comes in the
form of a Visual Basic script that contains a message with a subject line that
reads "ILOVEYOU."
Windows 2000 Magazine / NT News / May 4, 2000
An
IEAK Compatibility Problem; An MSCS 1.0 Bug Fix
Columnist Paula Sharick discusses an IEAK problem that affects Windows 2000, an
MSCS bug fix, a RasDial API memory leak, a Norton AntiVirus problem, and more.
Windows 2000 Magazine / Keeping Up with NT / March 21, 2000
InoculateIT
4.5
Vaccinating your network.
Windows 2000 Magazine / Lab Reviews / April 2000
First
Windows 2000 Virus and Security Patch
John Ruley reports on the first-reported Win2K virus and also Microsoft's first
security patch for Win2K.
Windows 2000 Magazine / Windows 2000 Pro / February 4, 2000
Reader
to Reader
Share your NT discoveries, comments, problems, solutions, and experiences with
products and reach out to other Windows NT Magazine readers (including
Microsoft).
Windows 2000 Magazine / Reader to Reader / March 2000
Worms
and Viruses Pose Real Threat for Y2K
Mark Edwards offers up some strategies for protecting your systems from
Y2K-based viruses and worms.
Windows IT Security / In Focus / July 2000
Bubbleboy
Poses New Security Threat
The Bubbleboy worm has returned with new implications for Outlook users.
Windows 2000 Magazine / Exchange Server Administration / November 19, 1999
Exterminator
Tools
Networks of any size need an antivirus program. This review narrows the field so
that you can make an informed purchase.
Windows 2000 Magazine / Lab Comparative / December 1999
VBS/Bubbleboy
Email Worm Appears
A new threat dubbed VBS/Bubbleboy has appeared as the first in the next
generation of email worms. This new worm is significantly different from earlier
email worms, such as Melissa, that appeared as executable files attached to
email messages.
Windows 2000 Magazine / NT News / November 10, 1999
Microsoft
Offers Free Y2K Virus Protection
Microsoft has partnered with several software vendors to offer free antivirus
software to help ameliorate expected Y2K virus problems.
Windows 2000 Magazine / NT News / November 5, 1999
Daughters
of Melissa Virus Trot the Globe
Learn about the new variants of the Melissa virus that began popping up earlier
this month.
Windows 2000 Magazine / NT News / October 25, 1999
New
NT-Specific Infis Virus
Learn about WinNT.Infis, a unique Windows NT-specific virus, and see just how
much of a threat it is to your systems.
Windows 2000 Magazine / NT News / October 11, 1999
More
Viruses and Trojans Circling the Internet
Security expert Mark Edwards offers advice on how to protect your networks from
these email-transmitted viruses.
Windows IT Security / In Focus / July 2000
eDoctor
Is in the House
Trend Micro announced its new 24x7 eDoctor Global Network Internet virus
detection and suppression program--virus monitoring for ISPs and active
antivirus intervention.
Windows 2000 Magazine / NT News / September 15, 1999
Another
Active Scripting Bug in Internet Explorer 5.0
A user has uncovered another Active Scripting bug in IE 5.0. Learn how to
protect yourself from these types of security risks.
Windows IT Security / In Focus / July 2000
Antigen
5.5
The Melissa and Worm.ExploreZip viruses have taught us some valuable lessons.
Here's a way to protect your Exchange Server system.
Windows 2000 Magazine / Lab Feature / October 1999
Disclosing
Security Risk Exploit Information
Some people argue that full disclosure of security risk exploit information
leads to a larger number of compromised systems. But what's the other side of
that coin?
Windows IT Security / In Focus / July 2000
Who's
Watching Over Your System's Security?
Mark Edwards offers his opinions about antivirus firms that hire known
ex-hackers.
Windows IT Security / In Focus / July 2000
Bug
Fixes and a Back Orifice 2000 Update
New bug fixes available from Microsoft Support and a method to check whether
Back Orifice 2000 is installed on your system.
Windows 2000 Magazine / Keeping Up with NT / July 29, 1999
Back
Orifice 2000: Admin Utility or Hacking Tool?
Cult of the Dead Cow releases new version of Back Orifice.
Windows 2000 Magazine / NT News / July 14, 1999
New
Back Orifice Virus May Threaten NT
An update to an old threat is slated for release on July 10, 1999, and may be
coming to a Windows NT computer near you.
Windows 2000 Magazine / NT News / July 8, 1999
Attention:
Lotus Notes Users
It appears the worm virus has invaded Lotus Notes shops, and that the virus is
not Exchange/Outlook dependent.
Windows 2000 Magazine / NT News / June 17, 1999
FastLane
Technologies Releases Windows NT WormKiller Virus Application
Yesterday, FastLane Technologies released an application to detect and disable
the Worm.ExploreZip virus.
Windows 2000 Magazine / NT News / June 11, 1999
ExploreZip
Virus Worming its Way onto Networks Worldwide
For the past 2 days, an ugly virus named ExploreZip has been destroying the
contents of hard drives all over the world.
Windows 2000 Magazine / NT News / June 11, 1999
Reader
to Reader
Share your NT discoveries, comments, problems, solutions, and experiences with
products and reach out to other Windows NT Magazine readers (including
Microsoft).
Windows 2000 Magazine / Reader to Reader / February 1999
Norton
Antivirus 4.0 for Windows NT Servers
Norton AntiVirus (NAV) 4.0 for NT Servers includes a flexible, centralized alert
system that keeps administrators up-to-date through alerts from other
workstations and servers running NAV products.
Windows 2000 Magazine / Lab Reviews / November 1998
ServerProtect
ServerProtect, from Trend Micro, is a comprehensive virus detection and
eradication tool for NT systems that uses a domain concept to manage servers.
Windows 2000 Magazine / Lab Reviews / August 1998
Ask
Dr. Bob Your NT Questions
Find out about using ERD Commander, creating a batch file to back up open files,
defragmenting NT's pagefile.sys file, and controlling viruses with ease and
efficiency.
Windows 2000 Magazine / Tricks & Traps / July 1998
The
Administrator's Toolkit
Discover essential resources and equip yourself to handle any system challenge.
Windows 2000 Magazine / Getting Started with NT / March 1998
Ask
Dr. Bob Your NT Questions
Successfully use Cleansweep and Norton Uninstall Deluxe with NT, and safeguard
boot sectors with resource kit apps.
Windows 2000 Magazine / Tricks & Traps / March 1998
Workstation
Virus Scanning Software-Antivirus
Protect yourself at all times with today's batch of antivirus software.
Windows 2000 Magazine / Lab Feature / November 1997
Tech
Stories from the Trenches
A recent experience of installing and configuring three products provided a hard
dose of trench reality.
Windows 2000 Magazine / Lab Feature / October 1997
Inside
On-Access Virus Scanners
Find out how on-access virus scanners work with file system drivers and with
NT's I/O Manager to check files for viruses.
Windows 2000 Magazine / NT Internals / September 1997
Ask
Dr. Bob Your NT Questions
Find out whether to enable PPTP filtering within a domain, the advantages and
disadvantages of using a printer pool vs. a network printer, and what to
consider when you upgrade SQL Server 4.21 to 6.5.
Windows 2000 Magazine / Tricks & Traps / June 1997
InterScan
E-Mail VirusWall
Trand Micro's InterScan E-Mail VirusWall 1.72 is a service that acts as a
gateway between your computer and a SMTP mail server.
Windows 2000 Magazine / Lab Reviews / April 1997
Service
Pack 2 Caveat Emptor
Surprise! Service Pack 2 for NT 4.0 offers bugs with the fixes.
Windows 2000 Magazine / Features / March 1997
Ask
Dr. Bob Your NT Questions
Learn how you can fix an inaccessible hard disk and boot process errors, choose
the best file system in NT for your needs, run NT on an AST portable, and much,
much more.
Windows 2000 Magazine / Tricks & Traps / March 1997
Virus
Scanners for NT
Windows 2000 Magazine / Lab Feature / October 1996
Reader
to Reader
Share your NT discoveries, comments, problems, solutions, and experiences with
products and reach out to other Windows NT Magazine readers (including
Microsoft).
Windows 2000 Magazine / Reader to Reader / September 1996
Norton
NT Tools by Symantec
New tools for old problems.
Windows 2000 Magazine / Lab Reviews / July 1996
Norton
AntiVirus for NT
If speed is of the essence, Norton AntiVirus is a good choice.
Windows 2000 Magazine / Lab Feature / April 1996
McAfee’s
ViruScan
ViruScan from McAfee is truly a cross-platform product, with versions for DOS,
Windows 3.1, Windows 95, OS/2, and Windows NT.
Windows 2000 Magazine / Lab Feature / April 1996
ThunderByte
Anti-Virus for Networks
ThunderByte Anti-Virus for Networks is primarily a network-scanning utility.
Windows 2000 Magazine / Lab Feature / April 1996
Firewall Articles and Whitepapers
Outbound
Traffic Is a Serious Security Risk
Mark Edwards discusses why protecting your networks from inbound traffic is not
enough.
Windows IT Security / In Focus / July 2000
Firewall
Hardware
Find out which firewalls offer as much automatic configuration and ease of use
as possible.
Windows 2000 Magazine / Buyer's Guide / March 2000
Published
ICA Applications
This server-based computing solution opens many doors, particularly on your
network. Here's how to configure your firewall to guard against intrusion.
Windows 2000 Magazine / Features / February 2000
Windows
2000 Offers Greater Security for Your Network
Windows 2000 will significantly increase the potential for a more secure network
through technologies such as Kerberos, public key infrastructure (PKI), and
System File Protection (SFP), to name a few.
Windows IT Security / In Focus / July 2000
More
Viruses and Trojans Circling the Internet
Security expert Mark Edwards offers advice on how to protect your networks from
these email-transmitted viruses.
Windows IT Security / In Focus / July 2000
Add
Fuel to Your Firewall
Discover several security tools that help you spot potential problems before
attackers exploit them.
Windows 2000 Magazine / Focus / October 1999
SonicWALL
Plus DMZ
Not long ago, installing a firewall was a long, painful process requiring an
abundance of arcane technical knowledge. Much of the pain is gone when you
install SonicWALL Plus DMZ.
Windows 2000 Magazine / Lab Reviews / May 1, 1999
The
Lab Guys Install a Firewall
When they needed to provide basic protection for systems on an independent
network, the Lab Guys installed a firewall - and discovered the process isn't as
painful as it used to be.
Windows 2000 Magazine / Lab Guys / May 1999
SessonWall-3
Software to help you take control of your network.
Windows 2000 Magazine / Lab Reviews / April 1, 1999
SecurIT
FIREWALL 4.11 for NT
Milkywy Networks' SecurIT FIREWALL 4.11 for NT can help you protect your
internal network, provide secure access for telecommuters, and manage your
firewall remotely.
Windows 2000 Magazine / Lab Reviews / February 1999
Proxy
Server 2.0
Microsoft significantly improved this product, making Proxy Server 2.0 a viable
solution to enhance both the security and the performance of your LAN.
Windows 2000 Magazine / Focus / October 1998
Deciphering
PPTP
Dig into the Point-to-Point Tunneling Protocol. This relatively new Internet
protocol acts as a poor person's firewall, not a connectivity tool.
Windows 2000 Magazine / Inside Out / December 1996
Firewalls:
Securing NT Networks from Internet Intruders
Tyring to juggle the importance of Internet access with your network's security?
Improve your business security with firewalls and a few rules for Internet
users.
Windows 2000 Magazine / Features / November 1996
Who
Needs a Firewall?
How to determine whether your organization needs a firewall for Internet
security.
Windows 2000 Magazine / Features / November 1996
Can
Your Firewall Take the Heat?
Vendors and products passed the NCSA certification program.
Windows 2000 Magazine / Features / November 1996
Up
Against the Wall
Once you decide to place firewalls between your Internet connection and your
local systems there are three rules to follow.
Windows 2000 Magazine / Focus / September 1995