From: Mike '/m' 


Wouldn't the whole sequence be easier if you were installing behind a
firewall?   Would you need to be as concerned about being wormed?

Also, I don't do W2K SP3.  It's that EULA thng, remember?  :-)

 /m


On Fri, 6 Jun 2003 20:29:22 -0400, "Geo."  wrote:

>"Paul Ranson"  wrote in message
>news:3ee088ab$1{at}w3.nls.net...
>> The W2K I downloaded recently was at SP2.
>
>Care to document the steps to secure that version to current patch levels?
>(you won't believe what it takes).
>
>Here let me do it for you.. (this assumes you are setting up a web server)
>
>Install W2Ksp2
>Install SP3 so  you can go on the web and get IE6 without getting wormed
>connect to web
>Install IE6 from web
>Install SP3 again since IE6 replaces parts of it
>then install these hotfixes in this order:
>Q321599
>Q326830
>Q323759
>Q323172
>Q326866
>Q328145
>Q323255
>Q327696
>Q329414
>Q329115
>Q329170
>Q810030
>Q810649
>Q810833
>Q324096
>Q324380
>Q324929
>Q328310
>Q329834
>Q318203
>Q815021
>JS56NEN2K (JAVA HOTFIX)
>Q331953
>Q816093
>Q811493
>Q330994
>Q813489
>Q811630
>Q811114
>Q817772 (only if you have media server running)
>
>Those done in that order will patch a web server, also if you want you can
>add:
>Q814033
>Q329553
>
>which are critical patches for windows update features (patching the
>patcher?) but are not needed to secure a web server. Also I've not included
>any patches for local exploits, only remote.
>
>Geo.
>

--- BBBS/NT v4.01 Flag-4