• a worthy reference article: http://www.pcworld.com/features/article/0%2Caid%2C44543%2C00.asp
• Security tips for Windows users: http://www.speedguide.net/Cable_modems/cable_security.shtml
• Home Network Security from CERT: http://www.cert.org/tech_tips/home_networks.html
• from the "National Cyber Security Alliance"/U.S. Chamber of Commerce http://www.staysafeonline.info/index.adp
• FAQ for microsoft.public.*.security groups: http://securityadmin.info/faq.htm
• RFC 2196, the "Site Security Handbook"
• The Enemy Within: Firewalls and Backdoors

Key Sites and Portals:

• InfoSysSec Portal for Information System Security Professionals

Stealth and Security Tests:

• Secure-Me: http://www.dslreports.com/secureme
• Lockdown Corp: http://stealthtests.lockdowncorp.com/
• GRC/Shields_Up: http://www.grc.com  -follow links to Shields Up
• Hack Yourself: http://hackyourself.com/
• SecuritySpace.com: http://www.securityspace.com/
• a page of links at wilders.org: http://wilders.org/free_services.htm
• a page of links at SecurityAdmin.info: http://securityadmin.info/faq.htm#portscan

a pub from the FTC with screwed-up, reversed, priorities: http://www.ftc.gov/bcp/conline/edcams/infosecurity/

w2k Installation and Update:

• List of Sequential Updates
• TechNet Toolkit
• Preliminary Configuration
• Baseline Security Checklist

w2k Configuration [Security Guides]: (I recommend that you get them all, including templates for secedit.exe)

• Center for Internet Security: http://www.cisecurity.org/bench_win2000.html
• NSA: http://nsa1.www.conxion.com/win2k/
• NIST: http://csrc.nist.gov/itsec/

Free downloads for Microsoft users: from one of several locations

9x: winipcfg.exe 2k: ipconfig.exe

This util can help associate some open ports with running processes: http://www.sysinternals.com/files/tcpview.zip

Detecting and Removing Trojans and Malicious Code from w2k Systems: http://online.securityfocus.com/infocus/1627

It's October 1992 and there is still email software in widespread general use which will run infected attachments automatically. God save us from GWB and MS.
The W32/Bugbear worm attempts to exploit a MIME and an IFRAME vulnerability in some versions of Microsoft Outlook, Microsoft Outlook Express, and Internet Explorer. These vulnerabilities allow an executable attachment to run automatically, even if you do not double-click on the attachment.
--http://www.sophos.com/virusinfo/analyses/w32bugbeara.html

Hosting Solutions:
use nms Scripts from http://nms-cgi.sourceforge.net/scripts.shtml

Windows autostarting culprits: http://www.tlsecurity.net/auto.html

Before you invest in Windows/XP, read this: http://www.hevanet.com/peace/microsoft.htm

I wonder if this is solved yet ... http://archives.neohapsis.com/archives/bugtraq/2000-03/0092.html