Detroit, MI Questions and Answers Take Charge of your Security (5-18-2006)

Good Day Detroit!  Again thank you for coming out and seeing me at the event and I hope to see you next time I am in town.  You asked a few questions during the show, so here are the answers.  The wireless scripts that I used in the show are available on the DVD ( drive: \Security Tools\Whitepapers) or you can download it for free from here: https://www.microsoft.com/downloads/details.aspx?FamilyID=60c5d0a1-9820-480e-aa38-63485eca8b9b&displaylang=en 

As always feel free to comment if I missed any question or if you need additional information.

Q: How does Small Business Server 2003 (SBS) implement the wireless solutions we discussed and what are the differences?
A:   SBS does come with the Internet Authentication Server.  So the same methodologies that I used during the event will apply to SBS.    In the securing wireless whitepaper in appendix C it talks about tested solutions on different versions of Windows take a look here: https://www.microsoft.com/technet/security/topics/cryptographyetc/peap_c.mspx 
There are a couple of GREAT whitepapers on securing the wireless network for small business:

An there are how 2003 standard works with certificate services.  Consider that Certificate Services in Window Server 2003 Standard Edition does not provide:

  • Auto enrollment of certificates to both computers and users
  • Version 2 certificate templates
  • Editable certificate templates
  • Archival of keys

Q: How do you configure Auto-Logoff i.e. log off users automatically after a period of time?
A:   https://support.microsoft.com/default.aspx?scid=kb;en-us;314999 Download winexit.scr: https://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&DisplayLang=en 

Q: Are the wireless scripts available for Windows 2000?
A:   Yes, take a look here, also look to the first question in this thread and look into appendix C.
      https://www.microsoft.com/technet/prodtechnol/winxppro/deploy/ed80211.mspx :

Q: Can I recover a cleared log?
A:   I was unable to find any tools to help recover a cleared log file.  However, the log will capture the event that the log file was cleared.

Q: What versions of Windows does the Security Configuration Wizard (SCW) support?
A:
  You can install and run SCW on computers running a Microsoft Windows Server 2003 with Service Pack 1 operating system only.  To learn more about the SCW take a look here: https://www.microsoft.com/windowsserver2003/technologies/security/configwiz/default.mspx 

Q: What are the commands I used in the “forensics” part of the session?
A: Take a look at this blog entry I did for a previous TechNet Event:
https://blogs.technet.com/matthewms/archive/2006/05/02/427040.aspx