Microsoft Windows NT 4.0 and Windows 98 Threat Mitigation Guide

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Overview

Published: September 13, 2004 | Updated : March 30, 2006

Note: Welcome to the TechNet Archive. We've created this Archive area so that we can continue to make available older content that is still of interest to some of our users. This allows us to streamline the content offerings on the site and keep it focused on the newest, most relevant content.

The Microsoft Windows NT 4.0 and Windows 98 Threat Mitigation Guide describes the process of hardening networks and computers that run earlier versions of the Microsoft Windows operating system. Organizations may have a variety of combinations of computers running Microsoft Windows NT version 4.0 (Workstation, Server, and Advanced Server) and Windows 98, with or without later versions of Windows clients or servers. This guidance focuses on the protective measures that can be applied to Windows NT 4.0 Workstation and Windows 98 clients and Windows NT 4.0 member servers in a Microsoft Active Directory directory service domain environment to improve their security.

This guide was developed, reviewed, and approved by teams of authoritative experts in security. This guide and other security guidance topics are available at the Microsoft TechNet Security Center at https://www.microsoft.com/technet/security/default.mspx.

This guide comprises eight chapters.

On This Page

Chapter 1: Introduction
Chapter 2: Applying the Security Risk Management Discipline to the Trey Research Scenario
Chapter 3: Network Security and Hardening
Chapter 4: Hardening Windows NT 4.0
Chapter 5: Hardening Windows 98
Chapter 6: Patch Management
Chapter 7: Antivirus Protection
Chapter 8: Conclusion
Related Resources
Give Us Your Feedback

Chapter 1: Introduction

Chapter 1 provides an executive summary, introduces the business challenges and benefits surrounding the security of older operating systems, suggests the recommended audience for the guidance, lists the reader prerequisites, and provides an overview of the chapters and solution scenarios in the guidance.

Chapter 2: Applying the Security Risk Management Discipline to the Trey Research Scenario

Chapter 2 details a fictitious company scenario that is used to develop the recommendations in this guidance and explains how an IT generalist would assess the security risks and vulnerabilities of the network infrastructure. Trey Research, the fictitious company in the scenario, has its headquarters in Seattle and field offices in several states throughout the country. The chapter also describes how IT generalists can identify and prioritize their individual organizations' risks and vulnerabilities to generate security requirements that can drive an action plan to mitigate security threats.

The second section of the guidance contains six chapters of prescriptive information for IT administrators and technical managers. Each chapter begins with a discussion of design principles and options and then moves on to the specific hardening measures chosen for the target scenario.

Chapter 3: Network Security and Hardening

Chapter 3 describes network security vulnerabilities and the process of hardening network components (including client and server computers) against these vulnerabilities. The chapter addresses network segmentation, Transmission Control Protocol/Internet Protocol (TCP/IP) stack hardening, and the use of personal firewalls for client protection.

Chapter 4: Hardening Windows NT 4.0

Chapter 4 explains how to harden Windows NT 4.0 (Workstation and Server) by establishing a baseline for the system and then applying specific hardening measures. It describes the importance and methods of physical security and procedures for applying security policies to file, print, Web, and application servers. The chapter discusses the inherent compromises in various security approaches and concludes by describing in detail the most advantageous hardening policies for Trey Research.

Chapter 5: Hardening Windows 98

Chapter 5 explains how to harden Windows 98 clients and applications, and describes methods for applying patches, updates, and security policies to computers running Windows 98.

Chapter 6: Patch Management

Chapter 6 shows how to find out about new updates in a timely manner, implement them quickly and reliably throughout your organization, and ensure that they are deployed everywhere. It describes the compromises of patch management implementations and concludes with a detailed description of the Trey Research patch management system.

Chapter 7: Antivirus Protection

Chapter 7 describes the importance of antivirus software and policies as well as the security and supportability of client-based and server-based antivirus solutions.

Chapter 8: Conclusion

The last chapter provides a brief summary of the hardening processes that were discussed throughout the guidance.

Read other security solutions from the Microsoft Solutions for Security and Compliance (MSSC) team.

Give Us Your Feedback

The Microsoft Solutions for Security and Compliance (MSSC) team would appreciate your thoughts about this and other security solutions.

Have an opinion? Let us know on the Security Solutions Blog for the IT Professional.

Or e-mail your feedback to the following address: SecWish@microsoft.com. We respond often to feedback that is sent to this mailbox.

We look forward to hearing from you.  

Download

Get the Microsoft Windows NT 4.0 and Windows 98 Threat Mitigation Guide

Solution Accelerator Notifications

Sign up to stay informed

Feedback

Send us your comments or suggestions