Download: Server Core Potential Security Benefit

Download: Server Core Potential Security Benefit — Thu, 12 Jun 2008 22:50:47 GMT

PingBack from http://www.windows-vista.luiscorreia.com/download-server-core-potential-security-benefit/

re: Download: Server Core Potential Security Benefit

ITI — Fri, 13 Jun 2008 11:49:00 GMT

Hi there.

I've two noob-questions about Core concept:

Sure, with Core Srvr, MS reduce the "surface" of attack. But what about features that we use since severals years, like remote admin, automated actions (not batches, but with interaction between server logs and processes) and so one ?

And how MS solve the auto-update and patches deployments with Srv Core ?

Do you have a point of view about all of that, please ?

I'm looking for more informations about Core concept, not only concepts but reals cases.

Thx for your (this) blog.

Windows Server Core et la sécurité

pascals.blog — Mon, 16 Jun 2008 00:53:44 GMT

Jeff Jones étudie dans un court rapport publié il y a quelques jours l'impact de l'installation "Core"

re: Download: Server Core Potential Security Benefit

ITI — Mon, 16 Jun 2008 09:45:00 GMT

Thanks for your answer - in french- , Pascal. But I've search and ... nothing. Do you have a link, please ?

Best regards.

re: Download: Server Core Potential Security Benefit

jrjones — Wed, 18 Jun 2008 21:25:39 GMT

ITI,

There are two installation options - standard or "core". It may be that the standard features you have used for years are there to use in core (don't know, it could be a broad set of stuff).

If not, then the standard install would still have it and that is more modular and "secure by default" than the predecessor as well. In WS2003, non-active roles were mostly installed and present, perhaps just the service was not on. In WS2008, non-active role components are not actually installed - so the modularity is better and reduced surface area.

Jeff

re: Download: Server Core Potential Security Benefit

SamYeager — Thu, 19 Jun 2008 10:57:49 GMT

I am unclear whether you are assessing patches against the theoretical W2003 server core with no additional roles installed or the theoretical W2003 server core plus the potential roles such as DNS server or web services.

I presume the same question will be asked once you start assessing the vulnerability of W2008 server core.

re: Download: Server Core Potential Security Benefit

jrjones — Thu, 19 Jun 2008 22:02:20 GMT

Sam,

The numbers in this report for the theoretical Server Core role assume that all optional roles are enabled - dns, dhcp, active directry, IIS, etc. We compared against "is it a shipping component", as opposed to a component that is installed by default and may be enabled later.

I am working on my WS2008 90 day now and looking at three general scenarios:

* WS-all, issues affecting any shipping component

* WS-gui, issues affecting any component installed by default

* WS-core, issues affecting any shipping component of SCore, whether installed or not

Over time, I may break the analysis for SCore down into different role components, but for now I'm keeping it relatively simple.

Jeff

Benefices en terme de securite a utiliser le mode d installation Server Core

Stanislas Quastana's WebLog on TechNet — Wed, 02 Jul 2008 12:18:36 GMT

Jeff Jones vient de publier un document sur son blog ( http://blogs.technet.com/security ) dans lequel

Benefices en terme de securite a utiliser le mode d installation Server Core

Stanislas Quastana's WebLog — Wed, 02 Jul 2008 12:18:48 GMT

Jeff Jones vient de publier un document sur son blog ( http://blogs.technet.com/security ) dans lequel

Benefices en terme de securite a utiliser le mode d installation Server Core

Site d'informations sur Windows Vista et Windows Server 2008 — Fri, 11 Jul 2008 12:59:39 GMT

Jeff Jones vient de publier un document sur son blog ( http://blogs.technet.com/security ) dans lequel

Analyzing the Server Core Updates Estimate

The things that are better left unspoken — Wed, 22 Oct 2008 17:56:07 GMT

One of Server Core's touted benefits is it requires less security updates. Jeff Jones did some interesting