New security guidance from MSS

Microsoft Solutions for Security (MSS), put out a ton of great security guidance last week. I'll try to headline some of this on MSDN, but I wanted to get out the complete list for those interested.

The Services and Service Accounts Security Planning Guide
This guide addresses the common problem of Windows services that are set to run with highest possible privileges, which an attacker could compromise to gain full and unrestricted access to the computer or domain, or even to the entire forest.

The Security Monitoring and Attack Detection Planning Guide
This guide describes how to plan a security monitoring system on Windows-based networks. This system can detect attacks that originate from internal and external sources

The Secure Access Using Smart Cards Planning Guide
Smart cards provide particularly effective security control in two scenarios: to secure administrator accounts and to secure remote access. This guide concentrates on these two scenarios as the priority areas in which to implement smart cards.

The Administrator Accounts Security Planning Guide
This guide provides prescriptive guidance in terms of the steps you can take to secure your local and domain-based administrator-level accounts and groups.

Implementing Quarantine Services with Microsoft Virtual Private Network Planning Guide
This guide describes the challenges in planning and implementing quarantine services with VPN through the new features available in Microsoft® Windows Server™ 2003 with Service Pack 1 (SP1).

Microsoft Identity and Access Management Series
This series of papers provides numerous identity and access management concepts, techniques, and solutions. It has been updated to describe several password management approaches including password policies, as well as enabling password reset, password change, and password synchronization to multiple authentication stores using Microsoft® Identity Integration Server 2003, Enterprise Edition (MIIS 2003). Also see this paper.

Also be sure to check out their blog for regular updates.