proper Win2K Server install/config : how-to?

  • Thread starter Thread starter johndoe
  • Start date Start date
J

johndoe

Are there any white papers, articles, books, etc. on how to securely
configure a newly installed server -- any guidelines or checklists you can
recommend?

I mean, we've all done this countless times (install, that is), but is there
a "scientific" way that we can follow?

People here want to make sure that everything is set up "correctly" from the
get-go...


Thanks a lot.
 
Well it depends a lot on the role of the server and what kind of clients it needs to
work with. Downlevel W9X and NT computers need less stringent security to work with a
W2K server than W2K/XP Pro computers do.

Of course installing service pack and critical updates are a good start as are
disabling unneeded services - particularly telnet and IIS and it's components if not
needed. Changing the default ntfs permissions on the drive/root folder to make sure
everyone and users have no more than read/list/execute and making sure the
administrators account password is complex, and enabling auditing of logon events for
success and failure is also good practice. The links below may be helpful. -- Steve

http://www.microsoft.com/technet/security/chklist/w2ksvrcl.mspx
http://www.microsoft.com/technet/security/prodtech/win2000/win2khg/default.mspx
http://www.infosec.uga.edu/windows.html
 
Back
Top