Object Access ; failure
ten, run the server documents the current plan and open the port
If there is certainly no unique needs can use the default configuration UrlScan.
Laptop or computer Browser: maintenance of network pc updates,
Office Pro 2007 Key, disable
If you ever page is. asp web page you have to eliminate DenyExtensions. asp-related content.
add - identify to Web Filter - Click Add - type in the description Internet server - any IP source address is set to deal with - the vacation destination deal with as my IP handle - protocol sort is set to Tcp - IP protocol port the very first set from any port, this port 80 second - Click Finish - Click Okay.
seven, disable DCOM:
Distributed File System: LAN management of shared files, without having having to disable
xp_cmdshell: is the very best strategy to entry the working technique, delete
3, shut down undesirable companies, The following is the suggested choice
new DWORD worth named IGMPLevel 0
an, Windows Server2003 set up
public paperwork;
1, don't make use of the default Web internet site, for those who make use of the IIS directory need to be separated using the method disk.
two, delete the Inetpub directory produced by IIS by default (in setting up the method tray).
three, delete the virtual directory under the method tray, for instance: _vti_bin,
Microsoft Office Home And Stude/nt 2010, IISSamples, Scripts, IIShelp, IISAdmin, IIShelp, MSADC.
4, eliminate pointless IIS extension mapping.
right-click Mainly. Shtml,. Shtm,. Stm
five. to avoid ICMP redirect messages attacks
If your web page makes use of a non-ASCII code, you are going to should AllowHighBitCharacters Alternative segment, set the worth one
the alterations produced towards the URLScan.ini file, you have to restart IIS services to take impact, fast method to run, type iisreset
4, delete the following extended stored procedure format: use grasp sp_dropextendedproc ' extended saved procedure title '
Run, sort Dcomcnfg.exe. Enter, click on the Open the
for your local computer, right-click Pick
apparent
Note :3-6 products I use Server2000 is set, not examined on the 2003 is working. But one factor is particular for a while I did not uncover another facet of Vice.
six, configure IIS expert services:
When you configured any problems, it is possible to add / Eliminate Software programs to remove UrlScan.
should you go by this operation, the proposed modifications to every do a check server, if one can find problems it is possible to immediately undo the alter. The If you ever change a lot more than the variety of things, only to acquire complications, it is challenging to figure out where the challenge is one stage on the.
set the value to EnableICMPRedirects is 0
5, hidden SQL Server, change the default port 1433
4, MSSQL and it wants to set up the software program after which Update.
5, using the Microsoft supplied MBSA (Microsoft Baseline Protection Analyzer) device to analyze the computer's security configuration, and determine missing patches and updates. Obtain: Begin to see the end from the website link page
might be completely concealed to modify the registry:
3, to stop SYN flood attacks
HKEY_LOCAL_MACHINE System CurrentControlSet Expert services Tcpip Parameters Interfaces interface
but should you run ASP.Internet about the server plan, and you have to open the debug% WINDIR% System32 Inetsrv URLscan
right-click the instance select Properties - General - Network Configuration, pick TCP / IP protocol properties Understanding SQL Server instance,
Office 2007 Ultimate Key, and alter the initial default 1433 port.
privilege use Failure
open the registry , HKEY_LOCAL_MACHINE Program CurrentControlSet Providers lanmanserver parameters, in the correct window, the new Dword worth name to AutoShareServer worth to 0
add - identify to all inbound Filter - Click Add - Enter inside the description all inbound filtering - set the source tackle of any IP address - the destination handle as my IP address - any protocol sort set - click on Subsequent - Complete - Click on Ok.
URLScan.ini file folder, and then add the debug verb in UserAllowVerbs part, observe that this section is case-sensitive.
two, elevate the NetBios and TCP / IP protocol bindings
right-click My Network Places - Properties - Right-click Nearby Region Connection - Properties - Double-click World-wide-web Protocol - High-Wins-disable TCP / IP about the NETBIOS
4, open the suitable audit coverage
PrintSpooler: If no printer may be disabled
two, within the situation of disconnected in the network set up in 2003 method
program occasion achievement or failure
logon activities good results and failure
three, the filter operation within the management choices for the following click on Add - the following phase - enter the identify of preventing - the next action - pick to block - the next stage - total - near the management of IP filter lists and filter operation window
one, the process will capture the existing server or recorded, conserve it for later on comparison to see if you'll find unidentified plans.
2nd, set up and handle accounts
Distributed linktracking consumer : update the connection information and facts for your LAN, without acquiring to disable
Remote Desktop Help Session Manager: Prohibition of Remote Assistance
HKEY_LOCAL_MACHINE System CurrentControlSet Companies Tcpip Parameters
1, Method Administrators function is greatest not far more than two
one,
Microsoft Office Pro Plus 2007, Administrative Resources - Nearby Security Coverage - Right-click IP Security Policies - Handle IP filter lists and filter steps - in the management of IP filter lists choices clicks
NTLMSecuritysupportprovide: telnet services and Microsoft Serch use, don't disable
9, it is recommended
three, installation of IIS, IIS only set up the required components (including FTP and disable undesirable SMTP services). By default, IIS service is not put in within the Add / Eliminate Win Components, pick p> Web Info Expert services Manager;
four, right-click IP Security Policies - Make IP Protection Coverage - the following phase - the name with the input data packet filters - the next step - to cancel the default activation response principle - Next - End
one, top to lessen the development of your method administrator account, change the default administrator account name (Administrator) and description, password, finest digital plus uppercase and lowercase letters plus numbers on the Shift essential mixture, the most effective length of not much less than 14 bits.
two, generate a new account named Administrator of the trap, to set the minimum permissions, after which casually enter the most beneficial mixture of not less than 20-bit password
Background Intelligent Transfer Service (BITS) Server Extensions;
1, towards C $, D $, ADMIN $ share class for the default
8, making use of WIS (Web Injection Scanner) instrument about the whole Internet site SQL Injection vulnerability scans.
Remote Registry: Prevent remote modification of the registry
right-click
seven, working with UrlScan
3, don't use Sa account, to configure a super complex password
the Planet Wide Web service.
For anyone who is using FrontPage extended Web web page after which check: FrontPage 2002 Server Extensions
six. do not support the IGMP protocol
Directory Services Entry Failure
prosperous account logon activities Failure
five other security-related configurations
1, hide critical files / folders
two, in case the device is finest to login authentication configuration for that Win
new DWORD value named SynAttackProtect, a value of 2
4. Prohibition Discover response to ICMP routing messages
six, IP security coverage within the ideal window, right-click the brand new packet filter, click around the assignment, don't restart , IPSec might be efficient.
five, alter the IIS log route
Microsoft Serch: to give fast phrase search, don't disable
six, in case you are making use of 2000 you may use iislockdown to safeguard IIS, IE6.0 operating within the 2003 version doesn't need to have.
coverage change achievement or failure
3, the Visitor account Disable and change the name and description, then enter a complicated password, obviously, now there is certainly a DelGuest instrument, maybe you could also use it to remove the Visitor account, but I have not tried.
4, enter the run type gpedit.msc to open Group Coverage Editor, pick Pc Configuration-Windows Settings - Safety Configurations - Account policy - account lockout policy, the account is set to
five, within the Safety Configurations - Nearby Policies - Protection Options will probably be, allocation of rights might be For anyone who is making use of Asp.web still maintain Aspnet account.
seven, to generate a User account, working method, when you desire to run privileged instructions using the Runas command.
Third, network services protection management
8, if only the server, not the other operations, using IPSec
stored process to entry the registry, delete Xp_regaddmultistring Xp_regdeletekey Xp_regdeletevalue Xp_regenumvalues ; Xp_regread Xp_regwrite Xp_regremovemultistring
5, at the opening in the new IP Protection Policy Properties window, pick Add - the following step - do not specify a tunnel - the following phase - all network connections - the following stage - in IP filter list,
Windows 7 Professional, choose the new Internet Filter - the following stage - a filter operation within the Pick License - Subsequent - Finish - The IP filter checklist, choose the brand new filter to prevent - the following stage - - Pick the filter action to quit - the next phase - total - Okay
new DWORD worth named PerformRouterDiscovery worth of 0
Download: VB.Internet enthusiasts
seven, configure Sql Server
OLE Automation Stored Techniques, don't delete Sp_OACreate Sp_OADestroy Sp_OAGetErrorInfo Sp_OAGetProperty Sp_OAMethod Sp_OASetProperty Sp_OAStop
[page]
2, capture the present open ports or recorded, saved for later on comparison to see if open unfamiliar port. Not surprisingly, if you ever can tell every process, and port this phase may be omitted.
Error reporting services: deliver an error report prohibited
HKEY_LOCAL_MACHINE Program CurrentControlSet Services Tcpip Parameters
UrlScan is definitely an ISAPI filter, it passed in the HTTP packet analysis and to refuse any suspicious visitors. The most recent model is two.five, if it is 2000Server need to set up version 1.0 or two.0. Download handle see page the hyperlink just isn't
HKEY_LOCAL_MACHINE Program CurrentControlSet Providers Tcpip Parameters
Run, kind gpedit.msc within the carriage, open the Group Policy Editor, choose the laptop or computer Configuration-Windows Configurations - Safety Settings - audit coverage audit undertaking developed to notice that should the audit with the undertaking an excessive amount of, the extra activities which are produced, then the severe occasions to be able to uncover the even more tricky course, if too few audit may also impact you obtain severe incident, in this particular case you must produce a choice between the two.
suggested to critique the project is:
1, set up the technique needs a minimum of two partitions, partition formats are NTFS format
2, then in the management of IP filter lists possibilities clicks
Windows 7 Professional Windows Server 2003 Web Ser
Linear Mode
