in trouble with this class

Alright, I'm taking a security class "securing the infrastructure"

I just transferred in to the four year school and this is the first class of the first semester there.
Well everyone in the class copied an image for windows 2000 server and I found out that we
have to security the server os without updates, ad, and we can't have a firewall.

I've been trying to do some research on how to protect the OS but I'm not really familiar with
windows 2000. I need to protect the OS because people will be trying to break into the OS.
After they're done, my teacher will for sure break in. We have people on the cyber defense team
at school who are in our class so I'm sure that they have experience with breaking into and protecting systems.

I know to turn off the services that won't be needed but we have requirements for certain services to
be enabled. Such as ftp, webserver, file share, remote management, and other things.

Our teacher included tools like snort, nmap, and nesses on the image. He told some of us that if
we had a honeypot then that would help in some way with the score, I think. I didn't know a honeypot
could be put on an OS. So I've been looking for honeypots to put on the 2000 server.

The ip address is stuck to 192.168.10.2. I can't change it. Now I'm working on scanning the ports for the
image in vmware. I'm using this string "nmap -S 192.168.1.103 192.168.1.48 -PN -e eth1". So I can do IP
spoofing because nmap won't let me scan my computer. I'm going to pick up the nmap book asap.

One of the students asked if they could use BT on the laptop that they have. I'm going to have to run out
and get a laptop HD and install BT on it and buy the book for BT.

Does anyone know any books that could help me out? Anything else I should be looking into?? I want to learn
as much as possible and still recieve a high mark in the class. I'm pretty sure I'm going to get my butt kicked.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

demonfurbie

turn IMCP echo request off
block tcp/upd port 135~139

run nmap from the host os to the vm
if your not hacking wireless there should be no reason not to be able to run backtrack from a vm

and a honey pot is a differant install of the same or simmilar os with less security to attract hackers to the less secure one

edit: is there even a book on backtrack??

Everyone

demonfurbie wrote: »

turn IMCP echo request off
block tcp/upd port 135~139

run nmap from the host os to the vm
if your not hacking wireless there should be no reason not to be able to run backtrack from a vm

and a honey pot is a differant install of the same or simmilar os with less security to attract hackers to the less secure one

edit: is there even a book on backtrack??

Start with these: http://www.nsa.gov/ia/_files/os/win2k/w2k_file_disk_resource.pdf
http://www.nsa.gov/ia/_files/os/win2k/w2k_group_policy_toolset.pdf
http://www.nsa.gov/ia/_files/os/win2k/w2k_router.pdf
Security configuration guidance support

EDIT: Here is what I was looking for, all the NSA guides for Server 2000 are here: Current Guides - NSA/CSS

hiddenknight821

demonfurbie wrote: »

edit: is there even a book on backtrack??

Yep. Here it is. Backtrack 4: Assuring Security by Penetration Testing

jamesleecoleman

Thanks for the advice everyone!

demonfurbie

hiddenknight821 wrote: »

Yep. Here it is. Backtrack 4: Assuring Security by Penetration Testing

wow thanks for the link ive just been using it so long i guess i take the knowledge for granted