And still just as relevant ......lol
BTW...did you realise that NT4 is coming up on 9 years old?
Krang
Printable View
And still just as relevant ......lol
BTW...did you realise that NT4 is coming up on 9 years old?
Krang
I've just found this thread ? does the fact that it is getting on a bit detract from the fact that it IS still relavent ? I am fairly safe in saying that I have knowledge beyond that given, but we all had to start somewhere !!! for me somewhere was a state of the art 486DX2 66MHz beastie, with a whole 300 MB on the hard drive, and a whopping 16 MB of RAM, running that devil's brew of an OS W3.11 !!!!!!
This tutorial is seriously flawed.
Under the few rare instances you can start from scratch as the author suggests... bring the system current first! Then lock it down. Frequently the bigger updates may change functionality of not only the system but of any third party tools you've added to it.
Plus if you are using AV software it is likely that you will need to disable it to do updates anyhow.
catch
So if you're using the net to bring the system current first, do you just assume you are going to be okay connected to the net while spending a few hours downloading patches.Quote:
Originally posted here by catch
This tutorial is seriously flawed.
Under the few rare instances you can start from scratch as the author suggests... bring the system current first! Then lock it down. Frequently the bigger updates may change functionality of not only the system but of any third party tools you've added to it.
Plus if you are using AV software it is likely that you will need to disable it to do updates anyhow.
catch
I suggest your advice is seriously flawed if you are bringing your system current by using the internet.
Also you can download the updates/patches with AV switched on, disconnect from the internet before turning off AV and then update.
Just my 2c
What good is the AV software going to do you while you update your system? Can you not hold out on downloading suspect files for two minutes?
Typically systems will connect to an update proxy, but if we are talking about home systems, it still makes sense to configure after the system is current. If the system is in its default state it will have no sensetive information on it, so confidentiality isn't an issue. Nor is data integrity and system integrity can be checked once the updates are done, no reason defending a file that you are about to replace. So your only real concern is availibility of a system that isn't even considered live yet.
Your risks are minimal and the rapidly changing (and typically rebooting) system will make it exceptionally difficult for an attack as you either have some sort of dhcp dial-up or you have a permanent connection which allows you to filtering incoming connections from outside the computer.
Considering these points and the time you will save as well as the accuracy of your lock down techniques, I stand by my original argument. Which happens to be part of the recommended security guide of every OS I've seen and part of the new system procedure at every company I've worked at.
catch
Quote:
Originally posted here by steve.milner
So if you're using the net to bring the system current first, do you just assume you are going to be okay connected to the net while spending a few hours downloading patches.
I suggest your advice is seriously flawed if you are bringing your system current by using the internet.
Also you can download the updates/patches with AV switched on, disconnect from the internet before turning off AV and then update.
Just my 2c
I THINK ITS NOT THAT NECESSARRY BRO....Quote:
Originally posted here by krang
Hi All,
Step One: Harden your operating system.
Best done from scratch, i.e backup your data and perform a new installation.
For those on 95/98/ME you need to remove MS Network services - "Start" > "Settings" >
"Control Panel" > "Network", remove "Netbeui" and "File and Printer Sharing". If
you are on NTWS or Win2K and would like to go berserk here are some guides:
http://secinf.net/info/nt/hard/hard.html
http://www.systemexperts.com/win2k/HardenWin2K.html
http://www.giac.org/practical/Dean_Farrington_GCNT.doc
Krang
I THINK THIS IS NOT A TUTORIAL GUYS
THIS MORE ON DETAILED INFO
NAHHHHHHHHH!!!
BUT ANYWAY THANKS FOR THE WEBSITES
AND THE LINKS DUDE !!!
I APPRECIATE IT!!!
As Maddox said:
"Seven sixteenths of one inch. That's the distance you'd have to move your pinky in order to not sound like an idiot."
This tutorial is 2 years old. But thank-you for your input :)
heres my responce to thatQuote:
So if you're using the net to bring the system current first, do you just assume you are going to be okay connected to the net while spending a few hours downloading patches.