Windows 2003 as a more reliable server operating system is generally safer, but there are certain insecure factors. For this reason, we can configure directory permissions, system security policies, protocol stack enhancements, system services and access. Control harden your system and improve the security of the server as a whole. Let the editors teach you how to make Windows Server 2003 more secure.
Step 1: Modify administrator accounts and create trap accounts:
Modifying built-in user accounts For many years, Microsoft has been emphasizing that it is best to rename the Administrator account and disable the Guest account. Achieve greater security. In Windows Server 2003, the Guest account is disabled by default, but it is still necessary to rename the Administrator account, because hackers often start attacking from the Administrator account. To do this, open the “Local Security Settings” dialog box, expand ““Local Policies"→“Security Options", in the right pane, there is an “Account: Rename System Administrator Account”. The strategy, double-click to open it, reset the Administrator to a plain user name, of course, please do not use the name of Admin, change is equal to no change, try to disguise it as a normal user, such as: guestone. Then create a trap account named "Administrator", "Restricted User", set its permissions to the lowest, and do nothing, and add a super complex password of more than 10 digits. This will keep those Scripts s busy for a while, and you can use them to discover their intrusion attempts. Or do something on top of its login scripts.
The second step is to remove the danger of the default share.
After Windows2003 is installed, the system will create some hidden shares. You can view them by typing net share in cmd. There are a lot of articles about IPC intrusion on the Internet, I believe everyone must be familiar with it. So we want to disable or delete these shares to ensure security by first writing a batch file like this:
@echo off
net share C$ /del
net share D$ /del
net share E$ /del
net share F$ /del
net share admin$ /del
Batch content can be modified according to your needs. Save it as delshare.bat and place it in the system32\\GroupPolicy\\User\\Scripts\\Logon directory under the system folder. Then enter gpedit.msc in the Start menu → Run, press Enter to open the Group Policy Editor. Click User Configuration & Rarr; Window Settings & Rarr; Script (Login/Logout) & Rarr; Login, click “Add” in the “Login Properties” window that appears, the “Add Script” dialog box will appear. Enter delshare.bat in the "Script Name" column of the window, and then click the "OK" button. This allows the system to be booted by the Group Policy Editor to execute the script to delete the system's default share.
Disabling IPC Connections
IPC is an acronym for Internet Process Connection, which is a remote network connection. It is a unique feature of Windows NT/2000/XP/2003. In fact, it establishes a communication connection between two computer processes, and communication of some network communication programs is established on the IPC. For example, IPC is like a paved road, we can use the program to access the remote host through this “road”. By default, IPC is shared, which means that Microsoft has paved the way for us. Therefore, this IPC-based intrusion is often referred to as IPC intrusion. You don't need any hacking tools to set up an IPC connection. Just type the appropriate command on the command line, but there is a precondition that you need to know the username and password of the remote host. After opening CMD, enter the following command to connect:
net use\\\\ip\\ipc$ "password" /user:"usernqme". We can disable IPC connections by modifying the registry. Open the Registry Editor. Locate the restrictanonymous subkey in HKEY_LOCAL_MACHINE\\ SYSTEM\\CurrentControlSet\\Control\\Lsa and change its value to 1 to disable the IPC connection.
The third step is: reset the remote accessible registry path
Set the remote accessible registry path to empty, which can effectively prevent hackers from using the scanner through the remote registry Read system information and other information of the computer. Open the Group Policy Editor and select “Computer Configuration”→“Windows Settings”→“Security Options”→“Network Access: Remote Access Registry Path”&&quoquo;Network Access: Remotely Accessible Registry", set the remotely accessible registry path and subpath content to null. This can effectively prevent hackers from using the scanner to read the system information and other information of the computer through the remote registry. Previous12Next page Total 2 pages
Since the win2003 system is used as a server, the system has a relatively high security setting and
In simple terms, Exchange servers can be used to architect email systems for busine
The so-called AD, Active Directory, directory service, has thousands of user data i
Domain name change tool. When I hear this noun, many net names feel very strange. W
Tips for setting up Win 2003 operating system
Detailed Win XP/2003 System Services
Master trick: win2003 system optimization small Raiders
How to implement VPN2003 single network card VPN
How to improve the video function skills of win2003 system
Cheats taught! win2003VPN configuration steps
17 big tricks make win2003 optimization more fun
Windows 2003 emergency repair disk startup and use
I have to know the win2003 terminal service connection skills
The rookie must see: Explain the Exchange 2003 cluster features
Experience Windows 2003 SP1 new highlights feature - Security Configuration Wizard
Apple released a new OS X 10.7.3 beta to developers.
Win8 system U disk pop-up and re-enable how to set
How does the Win10 system clear the contents of the file manager home page?
Win10 9926 how to voice activation Microsoft Xiaona
Win10 how to record video? Win10 comes with video recording function detailed tutorial
Window xp how to speed up the operating system installation process
How to judge the authenticity of Windows 7 Ultimate