A recent InformationWeek article highlights the need for better intrusion detection.
Anatomy of a Break-In – Ride along as a team of security pros pokes holes in the security perimeter of one large company that thought it was safe.
Microsoft has resources that can help you prepare in advance.
How A Criminal Might Infiltrate Your Network – This article is not intended to show you how to hack something, but rather to show how attackers can take advantage of your mistakes. This will enable you to avoid the common pitfalls that criminal hackers exploit.
The Day After: Your First Response To A Security Breach – The security incident is over. The techs have all gone home and are snug in their beds, dreaming of flawless code trees and buffer-overflow repellent. Upper management has done all the damage control they can. Everyone’s shifting back into their normal activities and schedules. Everyone, that is, except you.
Hacked! Your Company . . . Starting with an open and vulnerable system, this series of seminars will teach the key areas you need to know to protect you network from attack. This no-nonsense approach includes implementing strong security policies, protecting you applications from attack and locking down your network.
- Assessing Network Security
- Security Risk Management Discipline
- Think Like a Hacker
Microsoft’s Threats and Countermeasures Guide provides a must-read reference to all security settings that provide countermeasures for specific threats against current versions of the Microsoft Windows operating systems.
FREE Microsoft Tools can help you monitor and protect your network’s security.
Internet Security and Acceleration (ISA) Server 2006 Beta Editions – are an integrated edge security gateway that helps businesses secure their Microsoft application infrastructure, streamline their network and safeguard their IT environment. ISA Server 2006 Beta is available for download in both Standard Edition and Enterprise Edition.
Download the Free Betas:
- Standard Edition (Support Document: Installation Guide)
- Enterprise Edition (Support Document: Installation Guide)
Additional ISA Server 2006 Beta Resources:
- Support Document: Reviewers Guide and Walkthroughs
- Microsoft Website: ISA Server 2006 Beta
- ISA Server Product Team Blog
NEW NOTE! ISA Server 2006 Enterprise Edition Will Be Available on Appliances – Industry leading OEMs are planning to deliver pre-installed, pre-hardened appliance solutions using Windows Server 2003 R2 and Internet Security and Acceleration Server 2006 Enterprise Edition, as well as ISA Server 2006 Standard Edition appliances.
Additional Free Microsoft Security Tools:
PortQry Command Line Port Scanner is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. The utility reports the port status of TCP and UDP ports on a computer you choose. For details, see KB310099 and description.
Port Reporter logs TCP and UDP port activity on a local Windows system. Port Reporter is a small application that runs as a service logging which ports are used, which process is using the port, if the process is a service, which modules the process has loaded and which user account is running the process.
- Port Reporter Parser Tool is a log parser for Port Reporter log files. Port Reporter Parser has many features that can help you analyze Port Reporter log files.
Promqry & PromqryUI are two tools that enable you to detect a network sniffer that is running on a computer that is running Windows Server 2003, Windows XP, or Windows 2000. If a system has network interfaces in promiscuous mode, it may indicate the presence of a network sniffer running on the system.
- Promqry is a command line tool that can be used to detect network interfaces that are running in promiscuous mode.
- PromqryUI is a tool with a Windows graphical interface that can be used to detect network interfaces that are running in promiscuous mode.
Support Documents: Description of Microsoft Port Numbers & All Port Numbers