Security Resource Guide
Microsoft Security Resource Guide
My Thanks to
Anil John and Steve Lamb
Jerry Bryant [MS] has an excellent post with links to Security resources that are provided by Microsoft.
I am copying this here so that you do not have to go looking for them later:
My thanks to everyone who posted about this resource
Tools
Microsoft Baseline Security Analyzer (MBSA)
Use this tool to identify common security misconfigurations and missing security updates. MBSA runs on the Windows Server™ 2003, Windows® 2000, and Windows XP operating systems and will scan for vulnerabilities in multiple products and technologies, including Microsoft Internet Information Services (IIS) and SQL Server™.
Software Update Services (SUS) / Windows Update Services (WUS)
Quickly and reliably deploy the latest security updates, and service packs with Software Update Services. This new site now has the latest info on WUS.
Windows Update
Scans your computer and provides a selection of updates tailored for your operating system, software, and hardware.
Microsoft Office Product Updates
Scans and updates Microsoft Office products.
IIS Web Server Lockdown Wizard
Reduces the attack surface of Internet Information Services (IIS) and includes URLScan to provide multiple layers of protection against attackers.
UrlScan Security Tool
helps prevent potentially harmful HTTP requests from reaching IIS Web servers.
Microsoft Update
Removal Tools:
Mydoom, Zindos and Doomjuice worms
Blaster Removal Tool for Windows XP and 2000
Sasser (A-F) Worm Removal Tool
MS04-028 Enterprise Scanning Tool
Other Tools:
http://www.microsoft.com/technet/security/tools/default.mspx
Security Risk Self-Assessment for Midsize Organizations
Updating
Understanding Update Management: Microsoft’s Software Update Strategy
Updated white paper talks about the need for strong update management process.
Other Update Management info in the TechNet Topics Page
Isolation and Resiliency
Listing of resources for the IT Pro to evaluate and deploy XP SP2
Network Access Protection
Internet Security and Acceleration (ISA) Server 2004 whitepapers updated
Read about secure remote Outlook access in the Unique Protection for Microsoft Exchange Server whitepaper, a very viable business scenario with ISA Server
Engineering Excellence
Trustworthy Computing: Security
Whitepapers on Security Enhancements: Describes the Trustworthy Computing initiative as applied to the Windows Server, Office 2003 and Exchange Server 2003 development processes respectively.Windows Server 2003Office 2003Exchange Server 2003
Get the Facts: Windows and Linux
SQL
Guidance and Training
Security Guidance Centres on Microsoft.comWorldwideUS
Prescriptive guidance to help provide defence-in-depth security.
E-Learning Security Training
E-Learning self-paced clinics - 4 Developer and 8 ITPro modulesNow available in French, German, Spanish and JapaneseXP SP2
Security Guidance Kit CD (now shipping in US and Canada)
CD-ROM with tools, templates, and how-to guides
Microsoft IT Security Showcase
An insider view into Microsoft's process of deploying, and managing its own enterprise solutions.
Security Newsletter
Register for our free monthly e-mail newsletter that's packed with security news, guidance, updates, and community resources to help you protect your network.
Security Program Guide: Events and Training Information
Events, webcasts and training available for both IT Professionals and Developers.
US Security Summit Keynote and Training Content
Security Notifications via e-mail
Sign up today to get e-mail alerts when an important security bulletin or virus alert has been released.
Security Update RSS Feed
Security Bulletin Search Page
Search on product, technology or KB article
Security Bulletin Webcasts
Join Microsoft experts on the day after bulletin announcements to get the latest information and have the opportunity to ask questions.
How to Tell If a Microsoft Security-Related Message Is Genuine
Writing Security, 2nd edition
Best practices for writing Security and stopping malicious hackers.
Building and Configuring More Secure Web Sites
Best Practices used at OpenHack.
Recent Security Guidance Centre additions:
Windows XP Guide, includes SP2New Security Risk Management GuideWindows NT 4.0 and Windows 98 Threat Mitigation GuideMicrosoft Identity and Access Management SeriesAntivirus Defence-in-DepthSecuring Wireless LANs with PEAP and Passwords
Small Business Guidance
Guidance specifically for the smaller business
Configuring Windows XP 802.11 Wireless Networks for the Home / Small Business
Consumer Information:http://www.microsoft.com/security/protect
http://www.microsoft.com/athome/security/default.mspx
Newsletter for home users
Security bulletin notifications for home users
My Thanks to
Anil John and Steve Lamb
Jerry Bryant [MS] has an excellent post with links to Security resources that are provided by Microsoft.
I am copying this here so that you do not have to go looking for them later:
My thanks to everyone who posted about this resource
Tools
Microsoft Baseline Security Analyzer (MBSA)
Use this tool to identify common security misconfigurations and missing security updates. MBSA runs on the Windows Server™ 2003, Windows® 2000, and Windows XP operating systems and will scan for vulnerabilities in multiple products and technologies, including Microsoft Internet Information Services (IIS) and SQL Server™.
Software Update Services (SUS) / Windows Update Services (WUS)
Quickly and reliably deploy the latest security updates, and service packs with Software Update Services. This new site now has the latest info on WUS.
Windows Update
Scans your computer and provides a selection of updates tailored for your operating system, software, and hardware.
Microsoft Office Product Updates
Scans and updates Microsoft Office products.
IIS Web Server Lockdown Wizard
Reduces the attack surface of Internet Information Services (IIS) and includes URLScan to provide multiple layers of protection against attackers.
UrlScan Security Tool
helps prevent potentially harmful HTTP requests from reaching IIS Web servers.
Microsoft Update
Removal Tools:
Mydoom, Zindos and Doomjuice worms
Blaster Removal Tool for Windows XP and 2000
Sasser (A-F) Worm Removal Tool
MS04-028 Enterprise Scanning Tool
Other Tools:
http://www.microsoft.com/technet/security/tools/default.mspx
Security Risk Self-Assessment for Midsize Organizations
Updating
Understanding Update Management: Microsoft’s Software Update Strategy
Updated white paper talks about the need for strong update management process.
Other Update Management info in the TechNet Topics Page
Isolation and Resiliency
Listing of resources for the IT Pro to evaluate and deploy XP SP2
Network Access Protection
Internet Security and Acceleration (ISA) Server 2004 whitepapers updated
Read about secure remote Outlook access in the Unique Protection for Microsoft Exchange Server whitepaper, a very viable business scenario with ISA Server
Engineering Excellence
Trustworthy Computing: Security
Whitepapers on Security Enhancements: Describes the Trustworthy Computing initiative as applied to the Windows Server, Office 2003 and Exchange Server 2003 development processes respectively.Windows Server 2003Office 2003Exchange Server 2003
Get the Facts: Windows and Linux
SQL
Guidance and Training
Security Guidance Centres on Microsoft.comWorldwideUS
Prescriptive guidance to help provide defence-in-depth security.
E-Learning Security Training
E-Learning self-paced clinics - 4 Developer and 8 ITPro modulesNow available in French, German, Spanish and JapaneseXP SP2
Security Guidance Kit CD (now shipping in US and Canada)
CD-ROM with tools, templates, and how-to guides
Microsoft IT Security Showcase
An insider view into Microsoft's process of deploying, and managing its own enterprise solutions.
Security Newsletter
Register for our free monthly e-mail newsletter that's packed with security news, guidance, updates, and community resources to help you protect your network.
Security Program Guide: Events and Training Information
Events, webcasts and training available for both IT Professionals and Developers.
US Security Summit Keynote and Training Content
Security Notifications via e-mail
Sign up today to get e-mail alerts when an important security bulletin or virus alert has been released.
Security Update RSS Feed
Security Bulletin Search Page
Search on product, technology or KB article
Security Bulletin Webcasts
Join Microsoft experts on the day after bulletin announcements to get the latest information and have the opportunity to ask questions.
How to Tell If a Microsoft Security-Related Message Is Genuine
Writing Security, 2nd edition
Best practices for writing Security and stopping malicious hackers.
Building and Configuring More Secure Web Sites
Best Practices used at OpenHack.
Recent Security Guidance Centre additions:
Windows XP Guide, includes SP2New Security Risk Management GuideWindows NT 4.0 and Windows 98 Threat Mitigation GuideMicrosoft Identity and Access Management SeriesAntivirus Defence-in-DepthSecuring Wireless LANs with PEAP and Passwords
Small Business Guidance
Guidance specifically for the smaller business
Configuring Windows XP 802.11 Wireless Networks for the Home / Small Business
Consumer Information:http://www.microsoft.com/security/protect
http://www.microsoft.com/athome/security/default.mspx
Newsletter for home users
Security bulletin notifications for home users
posted by blogmaster at 7:09 PM
0 Comments:
Post a Comment
<< Home