My 7 point plan for windows security
Download
1 / 3

My 7-Point Plan for Windows Security - PowerPoint PPT Presentation


  • 274 Views
  • Updated On :

My 7-Point Plan for Windows Security Terry Gray Director, Networks & Distributed Computing UW Computing & Communications September 2002 Objective Make Windows computers “Network Safe”, right out of the box.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'My 7-Point Plan for Windows Security' - johana


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
My 7 point plan for windows security l.jpg

My 7-Point Plan for Windows Security

Terry Gray

Director,

Networks & Distributed Computing

UW Computing & Communications

September 2002


Objective l.jpg
Objective

  • Make Windows computers “Network Safe”, right out of the box.

  • Make it easy for users to adjust their security policy in accordance with principle of least privilege (or minimum necessary access from the network).

  • An “Open Letter” to Microsoft...


My 7 point plan for windows security3 l.jpg

Require the administrator account to have a password!

By default, deny incoming connections to all but a minimum number of necessary service ports via integral firewalling.

When an application requires listening on a port, give users the option of opening the port just for the session, or for a fixed time interval, or "forever”… but remind later about ports left open.

Make it easy for users to establish their own local perimeter defense via IP access lists. (Important if they need to run insecure protocols within their workgroup.)

Enhance existing "IP Security" capabilities to allow blocking only "initial connection" (SYN) packets.

By default, have connections use IPSEC whenever available.

Be wary of the UPNP NAT/firewall traversal stuff --a major security headache waiting to happen.

My 7-Point Plan for Windows Security