The NSA Gives Their Two Cents On Securing XP/2K/NT

← Back to Stories (view on slashdot.org)

The NSA Gives Their Two Cents On Securing XP/2K/NT

Posted by timothy on Tuesday April 22, 2003 @12:38PM from the plus-inflation dept.

caino59 writes "Thier site is already slow, and must be taking a hit, but the NSA has released several guides on Securing Windows XP, Windows 2000, and Windows NT. Now go out and download the guides, and /. the NSA!"

36 comments

They call it the "power" button by JustAnOtherCodeSerf · 2003-04-22 12:46 · Score: 5, Funny

Just switch it to the "off" position... website secure :)

--
-=sig=-
1. Re:They call it the "power" button by vidnet · 2003-04-22 19:14 · Score: 1
  
  And response times are cut in half!
  Sorry, that was a cheap one.
Wait! Don't... by cyphem · 2003-04-22 12:48 · Score: 1, Funny

The NSA might take this for a DDOS attack and make Georgy start a war on slashdot!

On the other hand... This might 'free' us innocent slashdotters from the CowboyNeal regime... yay!

;)
cy

--
Reading this signature is senseless so don't do it.
better idears... by Anonymous Coward · 2003-04-22 12:48 · Score: 1, Funny
these guides could have been much much simpler to write. Why I could do that in this post:
1. Purchase Windows product.
2. Receive shrink-wrapped package.
3. Place shrink-wrapped package in closet.
4. Lock closet
5. Throw key into nearest incinerator.
There. Simple, quick, and easy to follow.
The only way... by sICE · 2003-04-22 12:54 · Score: 2, Funny

... to secure a win box is to put it in concrete and throw it deep in the ocean.

--

--
-- search the web
great logic by larry+bagina · 2003-04-22 12:54 · Score: 3, Insightful

download the guides and slashdot the NSA....
After all, the majority of slashdot readers use windows NT/2000/Xp.

--
Do you even lift?
These aren't the 'roids you're looking for.
1. Re:great logic by GimmeFuel · 2003-04-22 12:57 · Score: 2, Funny
  
  You can still download them; just don't bother reading them.
  
  --
  live(free) || die;
2. Re:great logic by Anonymous Coward · 2003-04-22 13:21 · Score: 1, Interesting
  
  After all, the majority of slashdot readers use windows NT/2000/Xp.
  Maybe you're trying to be sarcastic, but it's true. Most readers of slashdot surf in on Windows.
  Plus, I would bet at least a couple of slashdot readers have "jobs", and when you have a "job" it's often in your best interest to be knowledgable about the subject.
  Sure, be high and mighty about Linux, but someone's gotta run those Windows machines for the unwashed masses.
3. Re:great logic by Anonymous Coward · 2003-04-22 17:59 · Score: 0
  
  Nah. By now, everyone expects Windows machines to be crashed/broken/updating themselves. Just tell the masses that all the windows boxes are performing critical updates relating to the HAL or something.
I hate to point this out... by Blaise · 2003-04-22 12:55 · Score: 4, Informative

but the page hasn't been updated since november 2002. I've had these guides, which are excellent BTW, for all of 2003.

It even says so at the bottom of the page.
1. Re:I hate to point this out... by sICE · 2003-04-22 13:02 · Score: 1
  
  bah, windows xp wasnt updated since a long time too. perhaps SP1a in march, to fix the new bug provided by SP1... well, all in all it shouldn't be worse.
  
  --
  
  --
  -- search the web
2. Re:I hate to point this out... by caino59 · 2003-04-22 13:26 · Score: 3, Informative
  
  actually, check the "What's new or Updated" link
  
  here for the lazy.
  
  says the win2k guide updated next month ;oP
  
  5-Mar-03
  
  and yes, the cisco guide is a bit old at 10-feb-03 and the xp guide even older at 6-feb-03(my b-day!)
  
  and i think a lot of people out there that have to maintain Microsoft servers, so this may be advantageous to someone...
is it just me..... by Anonymous Coward · 2003-04-22 12:59 · Score: 0

or does the "Related Links" box at the upper-right part of the page (next to the write-up) contain an extra link, above the links for the guides?
No, it isn't just you by Tim_F · 2003-04-22 13:11 · Score: 0, Troll

Slashdot seems to have thrown in more advertising. Trying to pass that off as a "related link" is simply wrong. Anyone wishing to compare prices on computer hardware and software will know where to go anyway.

Slashdot got rich off of the backs of opensource programmers. And now they're trying to make even more money by getting their unsuspecting readers to click on ads that don't look like ads. I think you should boycott slashdot immediately.
Re:Windows Server? by GigsVT · 2003-04-22 13:29 · Score: 0, Offtopic

2 minutes between postings on any 1 story = OK. 2 minutes between postings on different stories != OK.

Yeah, no shit. I mean, when someone goes to pick up their messages from the message system, they usually reply to all their replies all at once. I guess Taco et al must type about 5 wpm so he doesn't notice how obnoxious the system is.

--
I've had enough abrasive sigs. Kittens are cute and fuzzy.
this is OLD information by Anonymous Coward · 2003-04-22 14:02 · Score: 0

it's been around for several years. the XP docs are a recent (6 months?) add.
Download times and size are interesting... by (H)elix1 · 2003-04-22 16:39 · Score: 2, Interesting

I'll have some quality time on the airplane, so I will probably browse what they wrote. What is struck me as interesting was large and how long mozilla's download manager says it will take to get the zip files.

Win2K - 13,008KB, ~1.4 hours
WinNT - 1,282 ~ 10 minutes
WinXP - 1,713 ~12 minutes

--
+++ UGUCAUCGUAUUUCU
Conflict of interest by mfh · 2003-04-22 18:28 · Score: 3, Funny

Wouldn't it be ahh... against the NSA's true interests to tell people how to secure private machines better?

--
The dangers of knowledge trigger emotional distress in human beings.
1. Re:Conflict of interest by Anonymous Coward · 2003-04-22 22:52 · Score: 0
  
  Or could it just be that they're helping to defend the nation? Seems like you and so many other people on this website fail to see the true value of an organisation such as this. Instead you prefer to fabricate stories of illegal intrusion into your lives to gain a few meaningless karma points from this sorry excuse for a student feel-good message board.
2. Re:Conflict of interest by Anonymous Coward · 2003-04-23 01:50 · Score: 0
  
  Ah, don't worry about that. Bill's insured that the citizens can be sufficiently protected from themselves.
3. Re:Conflict of interest by TheLink · 2003-04-23 04:11 · Score: 3, Insightful
  
  Nope. After all they're in charge of National Security.
  
  If they need access to a private machine I'm sure it's trivial for them in most cases.
  
  I'd think the difficulty for them is probably figuring out _who_ to give extra special interest to. Given the many enemies of the USA, they've probably got a big list of whos.
  --
  
  Too many replies beneath your current threshold
Wait a minute.... by Repran · 2003-04-22 23:57 · Score: 2, Interesting

Doesn't freely available security support terrorism by its very nature?

--
-- Contradictions only exist in thought - not in reality.
yup it's dying by Anonymous Coward · 2003-04-23 01:23 · Score: 0

mind telling that to Apple? Oh yeah, Apple's dying too right?
/. as a DDOS tool by Anonymous Coward · 2003-04-23 03:35 · Score: 0

The exhortation to /. the NSA in the story (which, btw, is probably a terrorist act :-) made me think about the power wielded by Taco et al. Seriously, these guys can take out virtually any site they want just by posting a story.

Take them down before they post again!
Conxsion Mirror by gato_mato · 2003-04-23 04:30 · Score: 0, Redundant

If you are tired of downloading the guides @ the snail mail pace of the NSA site since it got /.ed check out the NSA mirror @
http://nsa1.www.conxion.com/
Gato
1. Re:Conxsion Mirror by Anonymous Coward · 2003-04-24 01:26 · Score: 1, Informative
  
  instead of cutting and pasting above site click here
Isn't it ironic... by Cheetahfeathers · 2003-04-23 06:43 · Score: 1

We're gunna trust an agency that _wants_ to spy on us on advice about how to secure a system so it can't be broken into as easily? Um... ok. :)
1. Re:Isn't it ironic... by LordMyren · 2003-04-24 07:16 · Score: 1
  
  They dont want to spy on us,
  Its only their job.
2. Re:Isn't it ironic... by ocelotbob · 2003-04-24 08:21 · Score: 4, Insightful
  
  It's not as simple as it seems. The NSA is essentially two organizations -- one whose job it is to break communications, another whose job it is to make sure communications don't get broken. This even means helping industry with codes - they had a major say in portions of DES, in which they designed portions such as the S-Boxes so that they were less vulnerable to still classified (at the time) types of cryptoanalysis. This isn't to say that one should blindly trust the NSA in matters of security, only to say that things are more complex than many would believe upon casual inspection.
  
  --
  Marxism is the opiate of dumbasses
3. Re:Isn't it ironic... by Anonymous Coward · 2003-04-24 08:50 · Score: 0
  
  You mean like the NSA Linux distro that came out a few months ago?!?!?
Someone Realized by LordMyren · 2003-04-24 07:05 · Score: 2, Interesting

-PGP has been out for years,
-its too late
-they're either already using encryption or will not be
-maybe might as well help normal people secure they're information

And every copy of Windows has one backdoor for CIA, NSA, FBI, Homeland and the three other agencies your not classified to know about.
Old news, kinda by oaf357 · 2003-04-24 09:27 · Score: 1

I've been using their Cisco guide for a few years now. It's updated quite often and is at least a good read for those looking into double checking their IT security.