Internal Network Assessment

[stockcarsrus]

Hi, we recently had a consultant do an internal network
assessment. They found that we had excessive services
running on some servers. They say that Microsoft "out of
the box" configurations are to allow new systems to work
quickly and easily.

I would like to know where I can find information on all
of the services with Windows 2000 advanced server and if
there is a checklist or something like that to use to
make sure that there are no services running that don't
have to be.

For example:

Run Exchange 2000 on a server. What services don't you
need to have running that would allow the server to be
compromised?

Thanks for any reply

 

[Matt Anderson]

Hi, we recently had a consultant do an internal network
assessment. They found that we had excessive services
running on some servers. They say that Microsoft "out of
the box" configurations are to allow new systems to work
quickly and easily.

I would like to know where I can find information on all
of the services with Windows 2000 advanced server and if
there is a checklist or something like that to use to
make sure that there are no services running that don't
have to be.

For example:

Run Exchange 2000 on a server. What services don't you
need to have running that would allow the server to be
compromised?

Thanks for any reply

Your consultant didn't provide this? A client would shoot me if I told them
they had too many services running and didn't tell them what to turn off!

I think this information is going to be published in the security resource
kit. It's hard for me to suggest without knowing what's on your server and
what is going to break if I tell you to turn something off.

Matt
MCT, MCSE

 

[Guest]

Hi Matt,

I'll give you an example of what they gave me...

"Hole".... "Excessive services can leave more means of
compromise. All systems should have only services
required to support operations enabled."

So that means nothing to me... The security resource kit
that you mentioned where do I locate that?

Thanks