|
Name |
Guide
to Securing Windows 2000 DHCP |
|
Version |
v1.3 |
|
Status |
Final |
| Creation
Date |
Not
Available |
| Revision
Date |
2002-07-19 |
| Product
Category |
Operating
System - DHCP Server |
| Vendor |
Microsoft
Corporation |
| Product |
Windows
2000 Server DHCP |
| Product
Version |
Windows
2000 Server |
| Product
Role |
DHCP
Server |
|
Checklist
Summary |
The
purpose of this guide is to inform the reader
about the available security settings for Windows
2000 DHCP server and clients in order to safeguard
the DHCP client and server during normal operations,
and how to properly implement these security
settings. The DHCP server service automatically
allocates IP addresses and related TCP/IP configuration
settings to DHCP-enabled clients. The DHCP client
service automatically queries the DHCP server
for an IP address to assign to the client machine.
In addition, this guide documents sources for
the reader to obtain additional guidance for
Windows 2000 DHCP settings. |
| Known
Issues |
Do
not attempt to implement any of the settings
in this guide without first testing in a non-operational
environment. This document is only a guide containing
recommended security settings. It is not meant
to replace well-structured policy or sound judgment.
Furthermore, this guide does not address site-specific
configuration issues. Care must be taken when
implementing this guide to address local operational
and policy concerns. The security changes described
in this document only apply to Microsoft Windows
2000 systems and should not be applied to any
other Windows versions or operating systems. |
| Target
Audience |
This
checklist has been created for IT professionals.
This document is intended for Windows 2000 network
administrators, but should be read by anyone
involved or interested in Windows 2000 security.
Knowledge of Microsoft's DHCP server is assumed;
this includes installation, configuration, and
administration. |
| Target
Operational Environment |
Enterprise
wide distribution. |
| Checklist
Installation Tools |
|
| Rollback
Capability |
Not
Available. |
| Testing
Information |
The
security configuration guide has been extensively
tested in a lab and operational environment. |
| NIAP/CMVP
Status |
|
| Regulatory
Compliance |
|
Comments,
Warnings, Disclaimer, Miscellaneous
|
Prior
to manipulating DHCP settings, ensure that the
latest Windows 2000 service pack and hotfixes
have been installed. |
| Disclaimer |
Do
not attempt to implement any of the settings
in this guide without first testing them in
a non-operational environment. Security configuration
guides are provided for the Department of Defense
and other government agencies requiring security
configuration guidelines. The guides contain
recommended security settings. They are not
intended to replace well-structured policy or
sound judgment. The guides do not address site-specific
configuration issues. Care must be taken when
implementing the guides to address local operational
and policy concerns. All security changes described
in the guides are applicable only to specifically
identified operating systems or architecture
components and should not be applied to any
other operating system or architecture components. |
| Product
Support |
|
| Submitting
Organization/Authors |
National
Security Agency |
| Point
of Contact |
SNAC.Guides@nsa.gov |
| Sponsor |
|
| Licensing |
Refer
to the legal statement provided at:
http://www.nsa.gov/notices/notic00004.cfm?Address=
/snac/os/win2k/w2k_dhcp.pdf
|
| Checklist
Homepage |
http://www.nsa.gov/ia/ |
| Download
Package |
w2k_dhcp.pdf
|
| Integrity |
SHA1
(w2k_dhcp.pdf) =
dea327f48d69d85229b2c4ee00b17cad108e069f
SHA256 (w2k_dhcp.pdf) =
7e1c3e7ec798a1dff0f9d8439c49ae4ad7e35fa59
39fbe7ac8ccd2036dd80ef0
|
| Change
History |
v1.3,
2002-07-19
|
| Dependency/Requirement |
|
| References |
Microsoft
Windows 2000 Server Resource Kit, Microsoft
Press, 2000. |
| NIST
Identifier |
|
