Microsoft Windows Security Resource Kit
Additional Information
-
Security Operations Guide for Windows 2000 Server, Chapter 4, Securing Servers Based on Role (http://www.microsoft.com/technet/security/prodtech/windows/windows2000/staysecure/secops04.asp)
-
MCSE Training Kit: Designing Microsoft Windows 2000 Network Security, Chapter 14, Securing an Extranet (Microsoft Press, 2001)
-
IIS Security Planning tool (http://www.microsoft.com/downloads/release.asp?ReleaseID=24973)
-
IIS Lockdown tool (http://www.microsoft.com/technet/security/tools/tools/locktool.asp)
-
URLScan security tool (http://www.microsoft.com/technet/security/tools/tools/URLScan.asp)
-
Secure Internet Information Services 5 Checklist (http://www.microsoft.com/technet/security/tools/chklist/iis5chk.asp)
-
IIS 5.0 Baseline Security Checklist (http://www.microsoft.com/technet/security/tools/chklist/iis5cl.asp)
-
Microsoft Windows 2000 Advanced Documentation: Mapping Certificates to User Accounts (http://www.microsoft.com/windows2000/en/advanced/help/sag_CS_CertMapAccounts.htm)
-
U.S. National Security Agency s Guide to the Secure Configuration and Administration of Microsoft Internet Information Services 5.0 (http://www.nsa.gov/snac/win2k/guides/w2k-14.pdf)
-
315669: How to Harden the TCP/IP Stack Against Denial of Service Attacks in Windows 2000
-
309677: Known Issues and Fine Tuning When You Use the IIS Lockdown Wizard in an Exchange 2000 Environment
-
309675: IIS Lockdown Tool Affects SharePoint Portal Server
The previous three articles can be accessed through the Microsoft Knowledge Base. Go to http://support.microsoft.com and enter the article number in the Search The Knowledge Base text box.