Your location:Tech News>OS>Windows Sever>Windows Server Security Settings

Latest News

Windows Server Security Settings

Author:fsadmin

Views:

1. Cancel hidden folder sharing. By default Windows 2000/XP will enable hidden sharing of all partitions. Select from the 'Control Panel/Administrative Tools/Computer Management' window. ;System Tools/Shared Folder/Share\u0026rdquo; you can see that each partition name on the hard disk has a \u0026ldquo;$\u0026rdquo; added after it. But as long as you type 'computer name or IPC$' the system will ask for the user name and password. Unfortunately most personal user system Administrator passwords are empty and the intruder can easily see the contents of the C drive. Brings great hidden dangers to network security.
How to eliminate the default sharing? The method is very simple open the registry editor enter 'HKEY_LOCAL_MACHINESYSTEMCurrentControlSetSevicesLanmanworkstationparameters' create a new double-byte value named 'AutoShareWKs' and set its value to '0' ; and then restart the computer so that the sharing is cancelled. Turning off 'File and Print Sharing' should be a very useful feature but it is also a good security hole for hackers when it is not needed. So when there is no need to 'file and print sharing' we can turn it off. Right-click the 'Network Neighborhood' select 'Properties' and then click the 'File and Print Sharing' button and the two check boxes in the 'File and Print Sharing' dialog box that pop up Just remove the hook in the box. 2. Prohibit the establishment of empty connections Open the registry editor enter \u0026ldquo;HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Lsa\u0026rdquo; change the key value of the DWORD value \u0026ldquo;RestrictAnonymous\u0026rdquo; to \u0026ldquo;1\u0026rdquo;. 3. Delete unnecessary protocols For the server it is enough to install only the TCP/IP protocol. Right-click 'Network Neighborhood' select 'Properties' then right-click 'Local Area Connection' select 'Properties' and uninstall unnecessary protocols. Among them NETBIOS is the source of many security flaws. For hosts that do not need to provide file and print sharing NETBIOS bound to the TCP/IP protocol can also be turned off to avoid attacks against NETBIOS. Select \u0026ldquo;TCP/IP Protocol/Properties/Advanced\u0026rdquo; enter the \u0026ldquo;Advanced TCP/IP Settings\u0026rdquo; dialog box select \u0026ldquo;WINS\u0026rdquo; tab check \u0026ldquo;Disable NETBIOS on TCP/IP\u0026rdquo; item close NETBIOS. Fourth disable unnecessary services: Automatic Updates (automatic update download) Computer Browser DHCP ClientDNS ClientMessengerPrint SpoolerRemote Registry (remote registry modification) Server (file sharing) Task Scheduler (scheduled task) TCP/IP NetBIOS Helper Theme (desktop theme) Windows AudioWindows TimeWorkstation Fifth change the administrator account
Administrator account has the highest system authority once the account is used the consequences will be disastrous. One of the common methods of hacking is to try to obtain the password of the Administrator account so we have to reconfigure the Administrator account.
First set a strong and complex password for the Administrator account (personally recommend at least 12 characters) then we rename the Administrator account and then create an Administrator account without administrator rights to deceive the intruder. In this way it is difficult for the intruder to figure out which account really has administrator rights which reduces the risk to a certain extent. Six disable Guest and other unused accounts. Many intrusions are further managed through this account. Password or authority. If you don't want to use your computer as a toy for others it is better to ban it. Open the control panel double-click 'Users and Passwords' click the 'Advanced' tab and then click the 'Advanced' button to pop up the local user and group window. Right-click on the Guest account select Properties and select 'Account is disabled' on the 'General' page. In addition renaming the Administrator account can prevent hackers from knowing their administrator account which will ensure computer security to a large extent. 7. Preventing Trojan Horse Programs
Trojan horse programs will steal useful information embedded in the computer so we also need to prevent hackers from implanting Trojan horse programs. Common methods are:
● Put it first when downloading files Go to the folder created by yourself and then use anti-virus software to detect play a preventive role in advance.
● In the 'Start'\u0026rdquo;\u0026rarr;\u0026ldquo;Program\u0026rdquo;\u0026rarr;\u0026ldquo;Start\u0026rdquo;or\u0026ldquo;Start\u0026rdquo;\u0026rarr;\u0026ldquo;Program\u0026rdquo;\u0026rarr;\u0026ldquo;Startup\u0026rdquo; If there are any running items just delete them.
● Delete all suspicious programs prefixed with \u0026ldquo;Run\u0026rdquo; under HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run in the registry. 8. If the web service is opened the IIS service needs to be configured for security:
(1) Change the home directory of the web service. Right-click \u0026ldquo;Default Web Site\u0026rarr;Properties\u0026rarr;Home Directory\u0026rarr;Local Path\u0026rdquo; point the \u0026ldquo;Local Path\u0026rdquo; to another directory.
(2) Delete the original Inetpub directory installed by default. (Or change the file name)
(3) Delete the following virtual directories: _vti_bin IISSamples Scripts IIShelp IISAdmin IIShelp MSADC. 9. Open the audit policy Windows default installation does not open any security audit so you need to enter [My Computer]\u0026rarr;[Control Panel]\u0026rarr;[Management Tools]\u0026rarr;[Local Security Policy]\u0026rarr;[Audit Policy] to open the corresponding Review. The system provides nine types of auditable events. For each type you can specify whether to audit success events failure events or both. Audit policy changes: success or failure. Login events: success and failure. Object access: failure event process tracking: Choose directory service access according to your needs: Failure event Privilege usage: Failure event System event: Success and failure Account login event: Success and failure Account management: Success and failure Ten install the necessary security software
We should also be in the computer Install and use necessary anti-hacking software anti-virus software and firewall are all necessary. Turn them on when you are online so that our safety is guaranteed even if there are hackers attacking us. Of course we should not install some unnecessary software such as some QQ chat tools so as to provide as few backdoors as possible to hackers. Finally I suggest you patch your own system. Microsoft's endless patches are still very useful. .?Windows server security settings experience in detail

Recommend article

Relate article