Win2003 system has a large number of user groups, system security is also relatively safe and stable, but the security system is inevitably attacked by hackers. Then, we need to maintain the safety of the system in the daily life. We have to know some skills in the maintenance, and now we share with you what aspects should be maintained.
First, limit the number of users in the administrator group
Strictly limit the users of the administrator group, and always ensure that only one Administrator (that is, you) is the user of the group. Check the users of the group at least once a day, and find that more users are deleted! There is no doubt that the new users must be the back door left by the intruders! At the same time, pay attention to the Guest users, smart intruders generally do not add strangers. Usernames, so it's easy for administrators to find their whereabouts. They usually activate the Guest user first, then change its password, and then put it in the Administrators group, but the Guest runs to the Administrators group for no reason? Stop!
Second, stop unnecessary services
Too many services are not a good thing, turn off the necessary services, especially even the administrator does not know what to do, What are you doing? Turn it off! Don't bring disaster to the system.
In addition, if the administrator does not need to remotely manage your computer, it is best to turn off all remote network login functions. Note that if you need it, disable "Task Scheduler", "RunAs Service" service!
The method of closing a service is very simple. After running cmd.exe, you can directly stop net stop servername.
Third, the administrator is safe, do not use the company's server for personal use
Windows 2003 Server In addition to the server, you can also do the same as a personal user's computer, browse the web, send and receive E-mail and so on. As an administrator, you should use the server's browser to browse the web as little as possible to avoid Trojan infection and company privacy information exposure due to browser vulnerabilities. Microsoft IE has a lot of vulnerabilities, I believe you will not know it? In addition, there are few tools on the server to use Outlook and other tools to send and receive E-mail, to avoid the virus, and bring losses to the enterprise.
Fourth, pay attention to local security
Preventing remote intrusion is very important, but the local security of the system can not be ignored, the intruder is not necessarily in the distance, it may be around!
(1) In time to put the latest version of the patch to prevent input method loopholes, this is no need to say. The input method vulnerability is not only caused by local intrusion. If the terminal service is opened, the system door will be opened, and a machine with a terminal client can easily enter!
(2) Not displayed Secondary login users
If your machine has to be shared by multiple people (in fact, a real server should not be like this), it is important to prohibit the user who last logged in, so as not to guess Password. The setting method is: in [Start] → [Program] & rarr; [Administrative Tools] & rarr; [Local Security Policy], open the "local policy" & rdquo; security options & rdquo;, double-click on the right side of the login screen Do not display the last login user name ”, select “Enabled”, and then click [OK], so that the next time you log in, the user name that was last logged in will not be displayed in the username box.
1. Don't choose to install from the network
Although Microsoft supports online installation, it is definitely not safe. Do not connect to the network until the system is fully installed, especially the Internet! Don't even connect all the hardware to install. Because Windows 2003 is installed, after entering the password of the user administrator account <Administrator", the system will create a shared account of “$ADMIN”, but it does not protect it with the password just entered. This situation will always be Continue until the computer starts up again. In the meantime, anyone can enter the system through “$ADMIN” at the same time, the installation is complete, the various services will run automatically, and the server is full of loopholes, which is very easy to invade from the outside.
In large enterprises, if the AD in Win2003 disappears unwarrantedly, I believe many people will defi
We always hope to dig deep into the systems ability to make our computer run more quickly and effici
We all know that Win2003 system is a safer and more stable system, but you can not think of it as a
Since upgrading the system to Win8.1, every time you turn on the Internet connection must be used tw
There is always a way for you to make the Win2003 system run faster.
The novice must-have tutorial win 2003 system use skills
Tips that all of your friends are using: Forced end of system malicious processes
The steps to turn the win 2003 system into a workstation are
How to simplify the password of the domain controller?
Can the installation of win 2003 system be diskless?
Answers to some common questions about the win 2003 system
Win2003 server restarts on time
Detailed introduction to the win 2003 system directory function
How to configure the NAT server in win 2003
Entering the serial number during installation is too cumbersome. The input method is announced.
How to use Terminal Services Resources to redirect Windows
View the Win8 system activation time method
Win7 disk defragmentation tutorial
Win10 Universal Edition QQ first appeared in the app store, the essence is still win8.1 version
How to solve the black screen problem of Windows system death
Win10 preferred development tool Visual Studio 2015 official release