Creating a Strong and Memorable Password

Computers running Microsoft Windows XP Professional, Windows Small Business Server 2003 as well as Windows NT and Windows 2000 all support strong passwords. They also support pass phrases, which can be easier to remember. Examples of pass phrases might be:

• I ate (!!) mangoes in Cairns.
• 3 shoes @ the store cost $92.

• Ocw13iJ.! (Our cat was 13 in Jan.!)
• Mcif&h@17. (My cat is fat & happy @ 17.)

• 2potatoes+beans$4
• cOws@the2ndfArm

• Mum&Dad#25Annivers@ry
• ruNNing@Cty2Surf#1teaM

1. Always log off when you leave your PC unattended
2. Change your passwords at least every 90 days
3. Don't share your passwords with anyone

    RFC documentation

• User to User Kerberos Authentication Using GSS-API:
      http://www.ietf.org/internet-drafts/draft-swift-win2k-krb-user2user-03.txt
• The Windows 2000 RC4-HMAC Kerberos Encryption Type:
      http://www.ietf.org/internet-drafts/draft-brezak-win2k-krb-rc4-hmac-03.txt
• Extending Change Password for Setting Kerberos Passwords:
      http://www.ietf.org/internet-drafts/draft-trostle-win2k-cat-kerberos-set-passwd-04.txt
• Generating KDC Referrals to Locate Kerberos Realms:
      http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-kerberos-referrals-02.txt
• HTTP Authentication: SPNEGO Access Authentication:
      http://www.ietf.org/internet-drafts/draft-brezak-spnego-http-02.txt

    Passwords

• Character Map
• Use Alt Keys
• Ascii_ext-pc.htm
• Ascii_std.htm
• How to Make Windows 2000 and NT 4 Passwords Uncrackable, Page 2-3
• JSI Tip 0554 - Lost your Administrator password and need the ultimate hack
• How to Set a User's Password with Ldifde
• HOWTO Change a Windows 2000 User's Password Through LDAP

    The Base64 Alphabet

    Firewall Stuff

• LeakTest - Firewall Test
• Personal Firewall Reviews
• http://www.isaserver.org/articles/2004tales.html
• Comparing the ISA Firewall to non-ISA Firewall Solutions
• http://blogs.isaserver.org/shinder/2006/05/18/why-dont-you-tell-me-how-to-block-streaming-media/
• http://www.isaserver.org/tutorials/ISA_Server_Destination_Sets_and_Inbound_and_Outbound_Access.html
• http://isatools.org/tools.asp?Context=ISA2004
• http://isatools.org/
• protocol definitions
• site blocking

    Virus Information

• Symantec - Hoax Page
• F-Secure - Hoax Page
• McAfee - Virus Hoaxes
• ICSA Labs - Hoaxes
• Vmyths.com- Virus Hoaxes
• ICSA Labs - Virus Alerts
• CERT - Virus Resources
• eicar - Anti-Virus test file

    Microsoft Knowledge Base Articles

• Search (KB) for Kerberos
• 837243 - Availability and description of the Port Reporter tool
• Q201255 - HOW TO Enable SGC on Internet Information Server
• Q246261 - How to Use the RestrictAnonymous Registry Value in Windows 2000
• Q256644 - Description of Remote Access Wizards
• Q259129 - HOWTO Modify or Query the RDP Connection Permissions for Terminal Services
• Q266132 - Windows 2000 Hangs at Preparing Network Connections Screen on Multiple-Processor Computers
• Q290388 - HOW TO Determine if a VeriSign SGC Is Being Used on a Web Site
• Q299525 - HOWTO Set Up SSL Using IIS 5.0 and Certificate Server 2.0
• Q300434 - HOW TO Allow Remote Users to Access Your Network in Windows 2000
• Q314053 - TCP-IP and NBT Configuration Parameters for Windows XP
• Q315055 - HOW TO Use IPSec Policy to Secure Terminal Services Communications in Windows 2000
• Q315396 - HOW TO Troubleshoot Startup Problems in Windows 2000
• Q120642 - TCP-IP and NBT Configuration Parameters for Windows 2000 or Windows NT

    Security Links

• autopatcher.com
• microsoftsecurityassessment.com
• Using Group Policy and Active Directory with SCW
• Microsoft Security Web Site Keep your finger on the pulse
• Microsoft Personal Security Advisor Receive a detailed report of your computer's security settings and recommendations for improvement
• Microsoft Security Tools and Checklists
• This is really groovy if you are locking down systems
• Visit NTBugTraq.com - for more on security issues
• ntsecurity.net - Windows security site - good one!
• astalavista.com - Security Hardening a Standalone Windows 2000
• astalavista.com
• sans.org - SysAdmin, Network, and Security
• Stiller.com - Research Virus Hoax News
• nmrc.org/faqs/nt - NT Hack FAQ v2
• RSA Laboratories DES Challenge III
• http://www.secadministrator.com/articles/index.cfm?articleid=38072
• A Description of Svchost.exe in Windows XP
• Windows XP - User Rights
• Kerberos The Network Authentication Protocol

    802.1x Links

• Set up 802.1x authentication
• Understanding 802.1x Authentication
• Radius Server - Wireless 802.11x PEAP failure IAS Cicso 1200
• Security Basics RE 802.1x RADIUS Deployment in Wireless LAN
• Radius Server - Aironet 1200-MS Radius Help - Yet Again
• Radius Server - Aironet 1200-Radius Help Needed

    Certificates and PKI

• The PKI page
• Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure
• 810758 - White Paper An Introduction to the Windows 2000 Public Key Infrastructure
• 818761 - White Paper Technical Overview of Windows Server 2003 Security Services
• Step-by-Step Guide to Encrypting File System (EFS)
• Certificate Autoenrollment in Windows Server 2003
• Implementing and Administering Certificate Templates in Windows Server 2003
• Windows Server 2003 PKI Operations Guide

• 293818 - MS01-017 Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard
• Q260219 - High Encryption Pack Does Not Protect Windows 2000 Private Keys
• Q313407 - HOW TO Create Automatic Certificate Requests with Group Policy in Windows
• What's New in Security for Windows XP Professional and Windows XP Home Edition

    Securing File Systems Links

• 825751 - How to use Xcacls.vbs to modify NTFS permissions
• 266118 - How to restore the default NTFS permissions for Windows 2000
• NTFS 1.1 - 4.0
• NTFS 5.0
• NTFS Version Compatibility
• NTFS Versions
• NTFS.com NT File System General Information
• PCGuide - Ref - NTFS Architecture and Structures
• PCGuide - Ref - PC Operating System and File System Cross-Reference
• Windows 2000 EFS
• Windows 2000 EFS for System Admins
• ZDNet Australia News & Tech Communications Encrypted data Backup and recovery

    Protected Store

• Q306992 - HOW TO Manage Stored User Names and Passwords on a Computer in a Domain in Windows XP
• What's New in Security for Windows XP Professional and Windows XP Home Edition

    Standards

• Security Configuration Guides
• Windows 2000 Security Recommendation Guides -- National Security Agency --
• Commercial Product Evaluations
• Communications Security Establishment - Centre de la sécurité des télécommunications
• Defence Signals Directorate (DSD) - Australia
• Managed Security Services by TruSecure, your Intelligent Risk Management Company.
• NSA Zipped Archive
• The UK ITsec Scheme
• Welcome to the Australian Security Intelligence Organisation (ASIO) - home page

    SIDs

• Security Identifiers
• Q243330 - Well Known Security Identifiers in Windows 2000
• Q275266 - Error Message During a Logon Attempt, the User's Security Context Accumulated Too Many Security IDs
• New Windows 2003 cmd "whoami /all /sid"
• 289243 - MS02-001 Forged SID Could Result in Elevated Privileges in Windows 2000

    Tools

• http://wireshark.org - originally called Ethereal
• http://www.digirain.com/ TrafficQuota is a bandwidth and quota management solution for ISA
• http://ophcrack.sourceforge.net - password cracker
• http://oxid.it/cain.html - Cain and Abel Windows Password Cracker
• Not available any more bought buy Symantec and then dropped - L0phtcrack.com - a premier NT security site on the internet
• Baseline Security Analyzer
• arp-sk
• Frequently asked questions about the Microsoft Network Security Hotfix Checker (Hfnetchk.exe) tool
• Griffin Technologies Securi Key
• Tripwire Download - Tripwire for Security & Network Management
• Internet Security Systems Products and Services
• Microsoft Personal Security Advisor
• Microsoft Products & Technologies
• technotronic.com

• UltraScan
• Black Hat Briefings, Training and Consulting Security splash page
• COTSE - Penetration Testing Tools
• G-Lock AATools - network diagnostic software, EasyMail - bulk email software, Email Verifier
• VNC Download stage 2
• DameWare Development Downloads
• Hyena - Windows NT-2000 System Administration
• Shavlik - HFNetChkPro

    Attacks

• The Attacks on GRC.COM
• 2600 The Hacker Quarterly
• 2600 Hacked Sites Archive

    EFS

• Windows 2000 Server EFS and Protected Storage Resource Kit

    ISA Links

• ISA 2006 - Secure Application Publishing
• ISA 2006 - Secure Application Publishing - LDAP Configuration
• 2824-ISA2004Srvr-HowTheClassIsSetUp
• ISA Tools
• ISAstuff
• GFI WebMonitor for ISA Server
• ISA Server Software - Anti Virus, Access Control, Intrusion Detection, Reporting and more!
• Ixia - Leader in IP Network Testing
• How to build an ISA firewall lab with Virtual PC 2004
• Authentication in ISA Server 2006
• Application Filters Provided with ISA Server 2006
• Automatic Detection Concepts in ISA Server 2006
• Best Practices Firewall Policy for ISA Server 2006
• ISA Server Network Protection- Protecting Against Floods and Attacks
• Link Translation Concepts in ISA Server 2006