Keep Score of System Security
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Keep Score of System Security

Written By
Jim Rapoza
Jim Rapoza
Jul 22, 2002
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

The consensus baseline security settings for Windows 2000 make it possible for IT administrators to configure Windows 2000 workstations with a high level of security, although without the use of central group policies (such as those in Active Directory), this process could prove to be very time-consuming.

The security settings were announced last week by the Center for Internet Security; the SANS Institute; and several government agencies including the National Security Agency and the National Institute of Standards and Technology. Like many other security benchmarks available at www.cisecurity.org, the Consensus Baseline Security Settings provide detailed steps that administrators can take to make systems more secure. Some of the recommendations go without saying—or at least have been said many times before—but their breadth and depth provide a solid guideline for IT administrators.

Also included is a reporting tool that lets administrators quickly gauge systems compliance with these guidelines. Using the Security Scoring Tool along with the recommendations, eWeek Labs was able to efficiently boost the security settings of several Windows 2000 Professional workstations.

Administrators should keep in mind, however, that the recommendations are explicitly for Windows 2000 Professional workstation implementations. Systems being used as servers would fail many of the recommended settings such as disabling Web and SMTP services.

Many of the settings are clearly optional, as they could disable enterprise applications or make it difficult to work with them. These include disabling Remote Registry Service—a security risk, but nonetheless used by many applications and support personnel.

We found the best way to work with these recommendations was to implement them systematically, then run the scoring tool to gauge progress. The settings recommendations included several registry changes for disabling things such as debugging and autoplays.

In addition to providing an overall score, the Security Scoring Tool generates several useful reports that contain links to patches and other related information. The scoring tool also includes Microsoft Corp.s HFNetChk, which scans Windows systems for missing patches and updates.

East Coast Technical Director Jim Rapoza can be reached at jim_rapoza@ziffdavis.com.

Related stories:

  • U.S. Consensus Standards Likely Enforced
  • Settings Aim to Secure Windows 2000
Jim Rapoza
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information