[SECURITY-L] CAIS-Pub: NIST Windows 2000 security draft released

Daniela Regina Barbetti daniela em ccuec.unicamp.br
Qui Jan 31 15:18:57 -02 2002 

----- Forwarded message from "Liliana E. Velasquez Alegre Solha" <nina em cais.rnp.br> -----

From: "Liliana E. Velasquez Alegre Solha" <nina em cais.rnp.br>
Subject: [S] CAIS-Pub: NIST Windows 2000 security draft released
To: <seguranca em pangeia.com.br>
Date: Thu, 31 Jan 2002 12:31:02 -0200 (EDT)


Prezados,

Nesta semana, o NIST divulgou mais um guia de seguranca muito
interessante, desta vez tratando de sistemas Windows 2000 Professional.
Ele pode ser acessado a partir de:

	http://csrc.nist.gov/itsec/guidance_W2Kpro.html

Em anexo, uma noticia relacionada.

Um abraco,

Nina
CAIS/RNP


--------------------------------------------------------------
http://www.fcw.com/fcw/articles/2002/0128/web-nist-01-30-02.asp

By Diane Frank
Jan. 30, 2002

The National Institute of Standards and Technology's security center
on Jan. 28 released its draft guide for system administrators to
secure Microsoft Corp.'s Windows 2000 Professional and many of the
common applications that run on the operating system.

The NIST Computer Security Resource Center's package, "System
Administration Guidance for Windows 2000 Professional," is intended to
describe a recommended process for securing Windows 2000 systems and
networks.

It includes configuration guides, checklists and templates for
applications such as Web browsers, antivirus software and e-mail
clients.

The guidance is not intended to provide the final word on Windows
security for agency systems administrators, and the center makes it
very clear on its Web site and in the guide that agencies should not
implement any of the recommended settings without first testing them
within the agency's network.

"This document is only a guide containing recommended security
settings. It is not meant to replace well-structured policy or sound
judgment. Furthermore, this guide does not address site-specific
configuration issues. Care must be taken when implementing this guide
to address local operational and policy concerns," the security
center's site states.

The center developed the guidance in collaboration with the National
Security Agency, which has released several configuration guides for
commercial products, including Windows NT and 2000.

NIST serves as the primary technical security resources for civilian
agencies under the Computer Security Act of 1987.


----- End forwarded message -----

Mais detalhes sobre a lista de discussão SECURITY-L