Security
Apple/Macintosh
Anti-Spyware for Macs
MacScan (currently
in beta) is the world's first remote administration software
detection title for the Macintosh. Using advanced detection
methods MacScan can detect, isolate and remove the program which
could allow remote administration and violate security.
AntiVirus
information for Macs
Information about Macintosh AntiVirus, Virus, Hoaxes, Trojan,
Pranks and malicious programs.
Apple Mac OS X v10.3.x "Panther" Security Configuration Guide
from NSA (PDF)
A security guide recommended by National Security Agency for the
Mac OS X client operating system.
Apple Mac OS X Server v10.3.x "Panther" Security Configuration
Guide from NSA (PDF)
A security guide recommended by National Security Agency for the
Mac OS X Server operating system.
Go back to top
Exchange/Messaging Security
Configuration and security update recommendations for Exchange
2000
Find the information you need to maximize the performance of
Exchange 2000 and keep your Exchange information secure.
Exchange Server 2003 security hardening guide
This
guide is designed to provide you with essential information
about how to harden your Exchange Server 2003 environment. In
addition to practical, hands-on configuration recommendations,
this guide includes strategies for combating spam, viruses, and
other external threats to your Exchange 2003 messaging system.
Outlook 2000 and later is not compatible with Exchange 2000
Server
Find out why Microsoft recommends that you do not
install Outlook 2000 or later on the same computer that runs
Exchange 2000.
Security operations guide for Exchange 2000 Server
This
guide delivers procedures and best practices for system
administrators to create and maintain a secure environment on
servers running Exchange 2000 with a focus on two specific
server roles: OWA front-end servers and back-end servers.
Go back to top
Forefront Threat Management Gateway
(formerly ISA Server 2006)
Download the software
here.
Internet Information
Service (IIS) Security
IIS lockdown tool
IIS Lockdown Wizard works by turning off
unnecessary features thereby reducing attack surface available
to attackers.
URLScan security tool
Microsoft has released an updated version of the
URLScan tool version 2.0 which has a few additional features
over the previous version. The URLScan tool has now been
integrated with the IIS Lockdown Wizard to provide a one stop
solution and defense in depth, or multiple layers of security.
Go back to top
Internet Explorer
Security
Increase your browsing and e-mail safety
Malicious hackers and virus writers can take advantage of low
security settings in your e-mail and Web browsing software to
infect your computer. By increasing your security settings in
Microsoft Internet Explorer, Microsoft Outlook, and Microsoft
Outlook Express, you can help limit your chances of being
attacked.
Internet
Explorer security zones registry entries
This document
describes how and where Internet Explorer security zones and
privacy settings are stored and managed in the registry. You can
use Group Policy or the Internet Explorer Administration Kit (IEAK)
to set security zones and privacy settings.
ISA Server Security
ISA Server security, tools, and downloads
Information on security, third-party tools, the latest service
packs, and downloads for the ISA Server.
Go back to top
Miscellaneous
Knowledge Base
Articles on EFS
Dozens of Microsoft Knowledge Base
articles on Encrypting File System.
Microsoft Online Crash Analysis
Microsoft Error Reporting asks users to
send error report data to Microsoft via the Internet. This Web
page explains the nature of the data, why it is collected, and
what is done with it.
Microsoft's Security Guidance Center
Get the technical
guidance, tools, training, and updates you need to assist you in
planning and managing a security strategy that's just right for
your organization.
Hotfix and security bulletin service
Monitor on a daily basis
security bulletins issued by the Microsoft Security Response
Center.
SANS/FBI
top 20 security vulnerabilities
SANS/FBI
Top Twenty is actually two Top Ten lists: the ten most commonly
exploited vulnerable services in Windows, and the ten most
commonly exploited vulnerable services in Unix.
The Ten Immutable Laws of Security
These are rules you should keep in mind about
network security in general.
Go back to top
Network Access Protection
Introduction to Network Access Protection
Network Access
Protection (NAP) provides a new architecture to isolate
connecting computers until their health can be verified. Network
Access Protection includes a client and server architecture.
Administrators can configure DHCP Quarantine, VPN Quarantine, or
both, depending on their network needs.
Network Access Protection Platform
NAP for Windows Server
2003 is a new set of operating system components that provides a
platform for protected access to private networks. The NAP
platform provides an integrated way of detecting the state of a
network client that is attempting to connect to a network and
isolating that network client until the health requirements for
connecting to the network have been met.
Network Access Protection FAQs
Find quick answers to
frequently asked questions about Network Access Protection.
Security Certifications
CompTIA Security+ certification
The CompTIA Security+ vendor-neutral certification
exam is the worldwide standard of competency for
foundation-level security practitioners. The exam is available
as of December 26, 2002.
MCSA: Security on Microsoft Windows 2000
This
certification identifies systems administrators who specialize
in implementing and administering security on the Microsoft
platform and as part of a secure computing environment.
MCSE: Security on Microsoft Windows 2000
This
certification identifies systems engineers who specialize in
designing, planning, and implementing security on the Microsoft
platform and as part of a secure computing environment.
MCSA: Security on Microsoft Windows 2003
MCSA:
Security candidates on the Microsoft Windows Server 2003 track
are required to pass three core exams and two security
specialization exams.
MCSE: Security on Microsoft Windows 2003
MCSE:
Security candidates on the Microsoft Windows Server 2003 track
are required to pass five core exams and three security
specialization exams.
Go back to top
Security Holes
Delete arbitrary files in Windows XP
By using the "hcp:"
protocol, it's possible to launch an attack that can delete
files on your hard drive. The patch should be available in
Windows XP SP1.
Phishing Expedition
A flaw in Internet Explorer
makes it easy for scammers to create fake Web sites that look
like real ones. They can steal information from Web users by
using this phishing technique.
Internet Explorer back button exploit
This exploit allows
Web site operators to execute code on your computer without your
permission. Computers running Windows XP SP1 and Windows Server
2003 are protected. Microsoft was first informed of this bug in
November 2001 by Andreas Sandblad. After 27 months Microsoft
finally fixed this exploit on February 9, 2004. Click
here for a patch.
Internet Explorer stench
By coaxing IE users to view a Web page
containing the special code, an attacker can silently force
Windows 98, Windows 2000, or Windows XP users to run a malicious
program of the attacker's choice. The security group Malware.com
has created a harmless
demonstration
of the flaw which downloads and runs an executable program that
fills the victim's computer screen with flames. Check out the
link below.
Wanna see
your computer on flames?
The security group, Malware.com, has created a harmless
demonstration of the flaw (Internet
Explorer stench) which
downloads and runs an executable program that fills the
victim's computer screen with flames. Depending on your
operating system, try one of these harmless demos. For
details, click
here. |
 |
1. Windows 2000:
http://www.malware.com/win2Krap.php.
2. Windows XP:
http://www.malware.com/xpee.php.
3. Windows 98:
http://www.malware.com/malware.php.
Microsoft Passport
Microsoft Passport to trouble
Microsoft is attempting
to position their Passport single sign on authentication
service as the one single identity that an Internet user
should need to perform all their online activities. This
article discusses some of the security risks related to
Passport technology.
Stealing MS Passport's wallet
The bug in Passport
discovered by a software developer in Redmond, Washington.
Passport flaw threatens users' account
A serious security flaw in Microsoft's
Passport service put users' accounts, including their
personal information and credit card numbers, at risk of
being hijacked.
Go back to top
Security Tools
Warning! Due to a large number of rogue anti-spyware
products, we have removed the links to free anti-spyware
auditing tools from our Web site. We recommend you use products
from only reputable companies, such as Microsoft's
Windows
Defender .
For a massive list of "rogue/suspect" anti-spyware products,
click
here.
Free auditing of spyware software
See the above warning.
Free security checks
Gibson Research Corporation
Shields Up checks the security of your computer's
connection to the Internet and it's free. You can also have
your computer ports examined for security holes.
Pop-Up Blocker Tests
These popup blocker tests
include a variety of checks that use uncommon methods to
open popup windows. You an even check your popup blocker
capacity score.
Secunia Online Software Inspector
The FREE tool will inspect your operating system and
software for insecure versions and missing security updates.
A default inspection normally lasts 5-40 seconds, while a
thorough inspection may take several minutes.
Security Assessment Tool
by NIST
The eScan Security Assessment Tool was developed by
National Institute of Standards and Technology for use by
small businesses.
Symantec
Symantec Security Check is a free service
designed to help you understand your computer's exposure to
online security intrusions and virus threats. Scan for
security risks, viruses, or trace a potential attack.
Free virus removal tools
AntiVir PersonalEdition
Classic
This free anti-virus works on 32-bit Windows Vista. It also
works on Windows XP/2000, Linux, FeeBSD, and Solaris. It
includes an ad from the vendor that pops up once a day (24
hours from the time of installation) that requires you to
click OK.
avast! Free Anti-Virus for Home Use
This free anti-virus home edition works on Windows
95/98/XP/2000/Vista.
Free online virus scan
Latest BitDefender virus
detection technology - free and accessible from anywhere in
the world through an Internet browser.
Free virus removal tools from Symantec
Symantec
Security Response has developed these free tools to
automatically conduct what would often amount to extensive
and tedious manual removal tasks. If your system has become
infected with a virus, these tools should aid you in
repairing the damage.
Free virus removal tools from BitDefender
Remove
viruses from your computer using these free tools from
BitDefender. You can even scan for viruses online.
Microsoft Security Essentials
The is a free download from Microsoft that provides
real-time protection for your home PC against viruses,
spyware, and other malicious software.
Free anti-spyware tools
Ad-aware
Pull the plug on "spyware" with this
small, free tool. The utility scans your system, including
removable drives, for the most common advertising spyware
and safely removes the offenders.
AVG Anti-Spyware
AVG Anti-Spyware Free is a free anti-spyware
protection tool for home use.
Microsoft Security Essentials
The is a free download from Microsoft that provides
real-time protection for your home PC against viruses,
spyware, and other malicious software.
Spyware, adware, browser hijackers, and dialers are some of
the fastest-growing threats on the Internet today. By simply
browsing to a Web page, you could find your computer to be
the brand-new host of one of these unwanted fiends.
A real-time protection solution against spyware - detect
browser hijacking attempts and more as they are happening.
Spybot - Search & Destroy
A free tool that protects
your PC from spyware. This utility received
PC Magazine's Editors' Choice Award. Click
here for
tips on configuring Spybot and learn how to remove the 5 DSO
Exploits that Spybot keeps on reporting.
Spy Sweeper
Spyware programs can record your every move - gathering
personal information about you; which Web sites you visit,
which ads you click on, the duration of your visits, your
name, age, gender, credit card numbers, passwords, email
addresses, online buying habits and more. Use this free
software to get rid of adware and spyware.
Windows
Defender
Windows Defender is a free program
that helps protect your computer against pop-ups, slow
performance, and security threats caused by spyware and
other unwanted software.
Free anti-Trojan tools
TrojanScan
Trojan horses are a huge security
threat. A Trojan is a program that enters your computer
undetected, giving the attacker who planted the Trojan
unrestricted access to the data stored on your computer.
Trojans can transmit credit card information and other
confidential data in the background. Trojans are often
not caught by virus scanning engines, because these are
focused on viruses, not Trojans.
Go back to top
AxBan
This free tool developed by Errata Security helps control
some of the ActiveX controls used by third-party
applications, such as Adobe Reader, Flash, Java, iTunes,
QuickTime, etc.
BitLocker Drive Preparation Tool
The BitLocker Drive Preparation Tool
configures the hard disk drives in your computer properly to
support enabling BitLocker.
BitLocker Recovery Password Viewer for ADUC Tool
This tool helps to locate BitLocker Drive Encryption
recovery passwords for Windows Vista- or Windows Server
2008- based computers in Active Directory Domain Services
(AD DS).
BitLocker Repair Tool
The BitLocker Repair Tool can assist administrators in
recovering data from a corrupted or damaged disk volume that
was encrypted with BitLocker.
CMOS-Pwd
Run this
tool to find and reset your CMOS password. This edition
works with the following BIOS sets: AMI, Award 4.5x, Compaq,
DELL, IBM, Packard Bell, and Phoenix. This utility works on
DOS, Windows 3.x, and Windows 95.
Deleted File Analysis Utility
Deleted an important file?
Find out what accidentally deleted files you can get back.
This freeware can directly view your hard drive partition
and list all deleted files that have not yet been completely
overwritten. Runs on Windows NT/2000/Windows XP.
Forefront Security for SharePoint
Forefront Security for SharePoint with Service Pack 2
helps business protect their Microsoft Office SharePoint
Server 2007 and Windows SharePoint Services 3.0
collaboration environments by eliminating documents
containing malicious code, confidential information, and
inappropriate content.
Hacme Bank™
Hacme Bank™ is a free tool from
Foundstone, Inc. and is designed to teach application
developers, programmers, architects and security
professionals how to create secure software. Hacme Bank
simulates a "real-world" online banking application, which
was built with a number of known and common vulnerabilities
such as SQL injection and cross-site scripting. This allows
users to attempt real exploits against a web application and
thus learn the specifics of the issue and how best to fix
it. Also check out
Hacme Bank user and solution guide in PDF format.
Honeywall
CDROM
This free version of the Honeywall
CDROM is a beta release. This version is designed primarily
for standalone honeynets. The Honeywall CDROM combines all
the tools and requirements of a
GenII
honeynet gateway on a (hopefully) easy to use, secure,
bootable CDROM. The intent is to make honeynets easier to
deploy and customize. You simply boot off the CDROM,
configure it based on your environment, and you should have
a Honeywall gateway ready to go.
HouseCall
Free virus scanner that works on
Windows 9x/NT/2000/XP with Internet Explorer 4.0 or later.
Macintosh and Netscape browsers are not supported.
Malware Removal Starter Kit
The Malware Removal Starter Kit provides tested guidance to
help IT Generalists combat malware attacks against small-
and medium-sized organizations. Using the Windows
Pre-installation Environment (Windows PE) in combination
with free anti-malware scanning programs, the kit provides a
low-cost, effective strategy that you can use to vanquish
malware attacks.
Microsoft Baseline Security Analyzer (MBSA)
MBSA is a standalone application that scans Windows
NT/2000/XP systems for common security misconfigurations.
MBSA can scan local and remote machines, as well as both
Windows servers and workstations.
Microsoft
Security Assessment Tool
This application is designed to help organizations with
fewer than 1,000 employees assess weaknesses in their
current IT security environment.
Network security hotfix checker
HFNetChk is a
command-line tool that enables an administrator to check the
patch status of all the machines in a network from a central
location. The tool does this by referring to an XML database
that's constantly updated by Microsoft.
Open SSH for
Windows
A free package that installs a minimal
OpenSSH server and client utilities in the Cygwin package
without needing the full Cygwin installation. This package
provides full SSH/SCP/SFTP support. SSH terminal support
provides a familiar Windows Command prompt, while retaining
Unix/Cygwin-style paths for SCP and SFTP.
MyCrypto application (1.69MB)
Curious as to what the encryption and hashing algorithms will
yield? Check out this simple application that will demonstrate the results
on the fly.
Go back to top
QChain - install multiple hotfixes with 1 reboot
A
command-line tool that gives system administrators the
ability to safely chain hotfixes together.
Qwik-Fix
Qwik-Fix provides another layer of essential
security by closing off the pathways that worms and viruses
use to penetrate your PC.. It does not affect any of your
virus programs, firewall or other programs.
Retina Wireless Scanner
The Retina WiFi Scanner (Windows)
is a comprehensive wireless detection tool that incorporates
Retina Network Security Scanner technology to discover all
active wireless devices and connections on a company
network. Installed on a Windows laptop or desktop PC, Retina
WiFi enables security and IT professionals to detect
wireless access devices, scan for service and generate
detailed reports on their wireless security.
Scan your event logs
Check for high security events
happening on your machine, such as users logging on to your
machine, accesses to important files on your machine, failed
logon attempts, security policy changes to your machine, and
more!
SDelete
The only way to ensure that deleted files, as well as files
that you encrypt with EFS, are safe from recovery is to use
a secure delete application. Secure delete applications
overwrite a deleted file's on-disk data using techniques
that are shown to make disk data unrecoverable, even using
recovery technology that can read patterns in magnetic media
that reveal weakly deleted files. SDelete works on Windows
95, 98, NT 4.0 and Win2K.
Security patch scanner
Here's an updated version
(1.00.0257) of the KB 824146 scanning tool
(KB824146scan.exe) from Microsoft. This tool can be used to
identify computers on your networks that do not have the
823980 (MS03-026) and the 824146 (MS03-039) security patches
installed. This tool replaces the KB 823980 scanning tool
(KB823980scan.exe).
Windows Security Update CD
The Windows Security
Update CD can be ordered from Microsoft free of charge. The
CD includes Microsoft critical updates and information to
help you protect your PC. The CD is only available for
Windows XP/Me/2000/98/98SE.
ZoneAlarm Firewall
Every Internet user
needs Internet access security. Security that can protect
always-on DSL and cable modem connections. That's the kind
of security you get with ZoneAlarm and ZoneAlarm Pro, the
award-winning security products from Zone Labs.
Go back to top
SQL Server Security
SQL Server security checklist
A checklist of 30
security items that SQL administrators should know.
SQL Server 2000 security white paper
This document introduces SQL Server administrators and
developers to the new security features of SQL Server 2000.
In addition to outlining the new features, there is a
detailed discussion about how to best implement security in
a Win2K domain environment as well as source code examples.
SQL Server security model and security best practices
This article discusses the security model of
Microsoft SQL Server 7.0/2000 and security best practices to
help you secure your data.
Go back to top
Whitepapers and Articles
How
secure is your password?
Don't torture your users by
forcing them to use complex passwords (mixture of uppercase,
lowercase, numbers and special characters). Learn how you
can properly secure your passwords by disabling LAN Manager
hash and use techniques that will allow you to configure
your Windows Server 2003 for better password security.
Security Configuration Guides from NSA
National Security Agency has developed and distributed
configuration guidance for a wide variety of software from
open source to proprietary software. The objective of the
configuration guidance program is to provide NSA's customers
with the best possible security options in the most widely
used products.
Security Risks and Locking Down Windows Endpoints
The Arellia solutions addresses some of the security concerns of open systems and the limitations in the
Windows platform. In addition, it can also help businesses meet certain corporation and industry
regulatory requirements.
Go back to top
Windows 2000
Best practice guide for securing A.D. installations
This guide will address the need of establishing a set of
security recommendations for Active Directory, which can be
applied to both new and existing Active Directory
implementations.
How to use SysKey utility to secure Win2K SAM database
The Windows 2000 Security
Accounts Management (SAM) database stores hashed copies of
user passwords. This database is encrypted with a locally
stored system key. To keep the SAM database secure, Windows
2000 requires that the password hashes are encrypted. You
can use the SysKey utility to additionally secure the SAM
database by moving the SAM database encryption key off the
Windows 2000-based computer. Click
here
to learn how the SysKey encryption works so you can properly
protect your systems.
Security Administration Operations Guide
This
Security Administration guide is part of Windows 2000
Operations Guide. The
Windows 2000 Operations Guide Series provides
operational guidance for organizations that have deployed,
or are considering deploying, Microsoft technologies in a
data center or in other types of enterprise computing
environments.
Security Operations Guide for Windows 2000 Server
This guide delivers procedures and best practices for system
administrators to lock down their Windows 2000-based servers
and maintain secure operations once they're up and running.
Windows 2000 recommended updates
Get the latest
updates that Microsoft recommends for Windows 2000.
Windows 2000 tools and utilities
Download tools and
utilities that help you manage and support Windows 2000.
Go back to top
Windows 2003
Account lockout and management tools download
Common security log event IDs
Implementing certificate templates in Win2003
Key archival and management in Win2003
Microsoft solutions for security glossary
PKI enhancements in WinXP Pro and Win2003
PKI operations guide
Security settings in Win2003 and WinXP Pro
Windows Server 2003 Security Guide
Go back to top
Windows 2008
TechNet Virtual Lab: Network Access Protection (NAP) with
IPsec Enforcement
Go back to top
Windows Security
Updates
Windows security bulletins
The
security bulletins address newly discovered issues in
Microsoft Windows each month. These updates are available
for Windows NT/2000/XP/2003 operating systems.
Go back to top
Windows Vista
BitLocker Drive Encryption
How to Use
BitLocker Recovery Password Viewer
Security features and improvements
Security in Windows Vista: setting a new standard
User Account Control
Windows Defender
Windows Vista security blog
Windows Vista Security Guide
Windows Vista security overview (video)
Go back to top
Windows
XP
Best practices for EFS
Data protection and recovery in Windows XP
How to create a password reset disk in Windows XP
Windows XP Security Guide
Go back to top
Wireless
Microsoft Solution for Securing Wireless LANs
Securing wireless LANs with certificate services
Using Wi-Fi safely: Encryption and other tips
WiFi security checklist
Go back to top
|
