Stored procedures that access the registry, delete: Xp_regaddmultistring, Xp_regdeletekey, Xp_regdeletevalue, Xp_regenumvalues, Xp_regread, Xp_regwrite, Xp_regremovemultistring
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\interface
5, change the IIS log path
Distributed File System: manages shared files on the LAN, without having to disable
Directory service access: Failure
Remote Desktop Help Session Manager: prohibits Remote Assistance
Object access: Failure
2, capture or record the currently open ports and store the record for later comparison, to determine whether an unknown port has been opened. Of course, if you can identify every process and port, this step can be omitted.
5. Prevent ICMP redirect message attacks
the World Wide Web Service.
If you are using a FrontPage-extended Web site, then also check: FrontPage 2002 Server Extensions
Print Spooler: can be disabled if there is no printer
6, in the right-hand window of IP Security Policies, right-click the new packet filter and click Assign; IPSec takes effect without a restart.
In Run, type gpedit.msc and press Enter to open the Group Policy Editor, then select Computer Configuration - Windows Settings - Security Settings - Audit Policy. When creating audit items, note that if too many items are audited, more events are generated and it becomes harder to find the serious ones; if too few are audited, that also affects your ability to find serious incidents, so you must choose between the two.
The recommended items to audit are:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
Common Files;
8, if the machine is only a server and performs no other operations, use IPSec
7, disable DCOM:
2, remove the binding between NetBIOS and the TCP/IP protocol
Right-click My Network Places - Properties - right-click Local Area Connection - Properties - double-click Internet Protocol - Advanced - WINS - Disable NetBIOS over TCP/IP
5 other security-related configurations
1, hide important files/folders
1, the system installation needs at least two partitions, all formatted as NTFS
right-click
Privilege use: Failure
Remote Registry: prevents remote modification of the registry
set the value of EnableICMPRedirects to 0
If there are no special requirements, the default UrlScan configuration can be used.
Logon events: Success and Failure
4, right-click IP Security Policies - Create IP Security Policy - Next - enter the name packet filter - Next - clear Activate the default response rule - Next - Finish
Computer Browser: maintains the updated list of computers on the network, disable
1, do not use the Default Web Site; if you do use it, keep the IIS directory separate from the system disk.
2, delete the Inetpub directory that IIS creates by default (on the system installation disk).
3, delete the virtual directories on the system disk, such as: _vti_bin, IISSamples, Scripts, IIShelp, IISAdmin, IIShelp, MSADC.
4, remove unnecessary IIS extension mappings.
right-click Mainly .shtml, .shtm, .stm
1, Administrative Tools - Local Security Policy - right-click IP Security Policies - Manage IP filter lists and filter actions - on the Manage IP Filter Lists tab click
Microsoft Search: provides fast word search, do not disable
URLScan.ini file in that folder, and then add the debug verb in the UserAllowVerbs section; note that this section is case-sensitive.
6. do not support the IGMP protocol
NTLM Security Support Provider: used by the Telnet service and Microsoft Search, do not disable
If you follow this procedure, it is recommended to test the server after each change, so that if there are problems you can undo the change immediately. If you change many items and only then discover a problem, it is difficult to work out which step caused it.
create a new DWORD value named SynAttackProtect with a value of 2
4. Prohibit responses to ICMP router discovery messages
Add - enter the name Web Filter - click Add - type the description Web server - set the source address to Any IP Address - set the destination address to My IP Address - set the protocol type to TCP - for the IP protocol port, first set From any port, then To this port 80 - click Finish - click OK.
1, capture or record the processes currently running on the server and save the record for later comparison, to see whether there are unfamiliar programs.
xp_cmdshell: the best way to access the operating system, delete
But if you run ASP.NET on the server and need to debug it, open the %WINDIR%\System32\Inetsrv\URLscan
Account logon events: Success and Failure
3, install IIS, installing only the necessary IIS components (disable unneeded ones such as the FTP and SMTP services). By default the IIS service is not installed; in Add/Remove Windows Components, select Internet Information Services Manager;
1, prohibit default shares such as C$, D$ and ADMIN$
If your pages are .asp pages, you need to remove the .asp-related entries from DenyExtensions.
can be completely hidden by modifying the registry:
3, prevent SYN flood attacks
4, enable the appropriate audit policies
System events: Success or Failure
10, record the programs currently running on the server and the open ports
create a new DWORD value named PerformRouterDiscovery with a value of 0
3, shut down unneeded services; the following are the suggested options
If problems arise after configuration, you can remove UrlScan through Add/Remove Programs.
9, it is recommended
1, it is best to have no more than two members in the System Administrators role
4, install MSSQL and the other software that is needed, and then run Update.
5, use the Microsoft-supplied MBSA (Microsoft Baseline Security Analyzer) tool to analyze the computer's security configuration and identify missing patches and updates. Download: see the links at the end of the page
5, hide SQL Server and change the default port 1433
3, disable the Guest account and change its name and description, then enter a complex password. Of course, there is now a DelGuest tool, and perhaps you can also use it to delete the Guest account, but I have not tried it.
4, in Run, type gpedit.msc to open the Group Policy Editor, select Computer Configuration - Windows Settings - Security Settings - Account Policies - Account Lockout Policy, the account is set to
5, within Security Settings - Local Policies - Security Options will be, rights assignment will be If you are using ASP.NET, still keep the Aspnet account.
7, create a User account and use it to run the system; if you need to run privileged commands, use the Runas command.
Third, network service security management
Open the registry at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters; in the right-hand window, create a new DWORD value named AutoShareServer and set it to 0
1, it is best to create as few system administrator accounts as possible; change the default administrator account name (Administrator) and description; the password is best a combination of digits, uppercase and lowercase letters, and the symbols typed with Shift on the number keys, with a length of preferably not less than 14 characters.
2, create a new trap account named Administrator, give it the minimum permissions, and then enter any combination as its password, preferably not less than 20 characters
3, do not use the Sa account; configure a very complex password for it
Obtain: VB.NET enthusiasts
7, configure Sql Server
5, in the New IP Security Policy Properties window that opens, choose Add - Next - do not specify a tunnel - Next - All network connections - Next - in the IP filter list, select the new Web Filter - Next - in the filter action, select Permit - Next - Finish - in the IP filter list, select the new blocking filter - Next - select the blocking filter action - Next - Finish - OK
Error Reporting Service: prohibit sending error reports
2, if on the local machine, it is best to configure login authentication as Win
Right-click the instance, select Properties - General - Network Configuration, select Properties of the TCP/IP protocol, select Hide SQL Server instance, and change the original default port 1433.
Background Intelligent Transfer Service (BITS) Server Extensions;
4, delete the following extended stored procedures, in the format: use master sp_dropextendedproc 'extended stored procedure name'
Second, set up and manage accounts
OLE Automation stored procedures, do not delete: Sp_OACreate, Sp_OADestroy, Sp_OAGetErrorInfo, Sp_OAGetProperty, Sp_OAMethod, Sp_OASetProperty, Sp_OAStop
8, use the WIS (Web Injection Scanner) tool to scan the whole Web site for SQL injection vulnerabilities.
2, then again on the Manage IP Filter Lists tab click
First, Windows Server 2003 installation
If your pages use non-ASCII characters, you need to set AllowHighBitCharacters to 1 in the Option section
After changing the URLScan.ini file, you must restart the IIS services for the changes to take effect; the quick way is to type iisreset in Run
In Run, type Dcomcnfg.exe. Press Enter, click on the Open the
for the local computer, right-click Select
clear
Note: I set items 3-6 on Server 2000 and have not tested whether they work on 2003. But one thing is certain: for some time I have not found any other side effects.
6, configure the IIS service:
7, use UrlScan
6, if you are using 2000 you can use iislockdown to protect IIS; the IE6.0 version running on 2003 does not need it.
3, on the Manage Filter Actions tab click Add - Next - enter the name Block - Next - select Block - Next - Finish - close the Manage IP filter lists and filter actions window
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
2, install the 2003 system while disconnected from the network
Add - enter the name All Inbound Filter - click Add - type the description all inbound filtering - set the source address to Any IP Address - set the destination address to My IP Address - set the protocol type to Any - click Next - Finish - click OK.
policy change success or failure
create a new DWORD value named IGMPLevel with a value of 0
Distributed Link Tracking Client: updates connection information for the LAN, without having to disable
UrlScan is an ISAPI filter; it analyzes incoming HTTP packets and rejects any suspicious traffic. The latest version is 2.5; on 2000 Server you need to install version 1.0 or 2.0. Download address: see the page; the link isn't