four, open the proper audit coverage
In case your page uses a non-ASCII code, you'll should AllowHighBitCharacters Alternative section, set the worth 1
the modifications created towards the URLScan.ini file, you must restart IIS providers to consider effect, fast approach to run, type iisreset
Remote Registry: Avoid remote modification on the registry
the World Broad Internet service.
If you are employing FrontPage prolonged Internet web site and then check: FrontPage 2002 Server Extensions
add - name to Internet Filter - Click on Add - sort inside the description Internet server - any IP source handle is set to handle - the vacation spot deal with as my IP deal with - protocol kind is set to Tcp - IP protocol port the first set from any port, this port 80 2nd - Click on End - Click Okay.
privilege use Failure
six. don't help the IGMP protocol
method occasion good results or failure
new DWORD worth named SynAttackProtect, a value of 2
four. Prohibition Discover response to ICMP routing messages
ten, run the server information the present system and open the port
right-click
three, installation of IIS, IIS only set up the crucial elements (such as FTP and disable unwanted SMTP expert services). By default, IIS support just isn't installed within the Add / Remove Win Parts, select p> Online Info Expert services Manager;
2, should the machine is preferred to login authentication configuration for that Win
seven, disable DCOM:
add - identify to all inbound Filter - Click Add - Enter in the description all inbound filtering - set the supply handle of any IP tackle - the vacation spot address as my IP address - any protocol sort set - click on Next - Complete - Click on Okay.
HKEY_LOCAL_MACHINE Program CurrentControlSet Providers Tcpip Parameters
Qualifications Intelligent Transfer Service (BITS) Server Extensions;
seven, making use of UrlScan
one, do not make use of the default Web internet site, in case you make use of the IIS directory will need to be separated with all the method disk.
2, delete the Inetpub directory produced by IIS by default (in installing the method tray).
three, delete the virtual directory underneath the method tray, which include: _vti_bin, IISSamples,
Microsoft Office 2010 Key, Scripts,
Microsoft Office Pro 2007, IIShelp, IISAdmin, IIShelp, MSADC.
four, remove pointless IIS extension mapping.
right-click Primarily. Shtml,. Shtm,. Stm
1, Administrative Equipment - Nearby Protection Policy - Right-click IP Protection Policies - Handle IP filter lists and filter steps - in the management of IP filter lists selections clicks
9, it's recommended
Distributed File Program: LAN management of shared files, without getting to disable
two, within the case of disconnected through the network put in in 2003 method
Error reporting support: send an error report prohibited
NTLMSecuritysupportprovide: telnet services and Microsoft Serch use, do not disable
two, lift the NetBios and TCP / IP protocol bindings
right-click My Network Locations - Properties - Right-click Nearby Area Connection - Properties - Double-click Net Protocol - High-Wins-disable TCP / IP around the NETBIOS
2, seize the present open ports or recorded, stored for later on comparison to see if open unknown port. Of course, if you can inform every process, and port this action could be omitted.
5, change the IIS log path
4, delete the subsequent extended saved procedure format: use master sp_dropextendedproc ' extended saved procedure identify '
Object Accessibility ; failure
3, the Visitor account Disable and change the identify and description, then enter a complicated password,
Office Home And Stude/nt, not surprisingly, now there is certainly a DelGuest instrument, possibly it is easy to also use it to remove the Visitor account, but I've not tried.
four, enter the run sort gpedit.msc to open Group Coverage Editor, pick Computer Configuration-Windows Settings - Safety Settings - Account policy - account lockout policy, the account is set to
five, within the Safety Configurations - Neighborhood Policies - Safety Alternatives will be, allocation of rights will likely be If you're employing Asp.net nevertheless keep Aspnet account.
seven, to create a User account, working method, should you would like to run privileged commands using the Runas command.
Third, network services security management
Second, set up and handle accounts
two, then in the management of IP filter lists selections clicks
xp_cmdshell: is the best approach to access the running technique, delete
new DWORD value named PerformRouterDiscovery worth of 0
open the registry , HKEY_LOCAL_MACHINE Technique CurrentControlSet Companies lanmanserver parameters, inside the proper window, the new Dword value name to AutoShareServer worth to 0
1, in opposition to C $, D $, ADMIN $ share course from the default
six, IP protection coverage in the suitable window, right-click the brand new packet filter, click on about the assignment, don't restart , IPSec can be efficient.
5 other security-related configurations
one, hide important files / folders
1, the procedure will seize the current server or recorded, conserve it for later on comparison to see if one can find mysterious systems.
UrlScan is definitely an ISAPI filter, it passed in the HTTP packet evaluation and also to refuse any suspicious traffic. The latest edition is 2.five, if it's 2000Server have to set up model one.0 or 2.0. Download address see web page the website link is not
an, Windows Server2003 set up
If there's no special requirements can make use of the default configuration UrlScan.
policy change success or failure
1, very best to decrease the building from the method administrator account, change the default administrator account name (Administrator) and description, password, very best digital plus uppercase and lowercase letters as well as numbers about the Shift important mixture, the best duration of not much less than 14 bits.
2, produce a brand new account named Administrator on the trap, to set the minimal permissions, and then casually enter the top combination of not much less than 20-bit password
URLScan.ini file folder, and then add the debug verb in UserAllowVerbs part, notice that this part is case-sensitive.
HKEY_LOCAL_MACHINE Program CurrentControlSet Services Tcpip Parameters
successful account logon events Failure
one, Technique Administrators function is greatest not additional than two
Remote Desktop Support Session Manager: Prohibition of Remote Help
set the worth to EnableICMPRedirects is 0
4, MSSQL and it needs to set up the software and then Update.
five, employing the Microsoft supplied MBSA (Microsoft Baseline Safety Analyzer) instrument to review the computer's safety configuration, and identify lacking patches and updates. Obtain: Begin to see the finish with the link web page
but when you run ASP.Internet around the server program, and you have to open the debug% WINDIR% System32 Inetsrv URLscan
public paperwork;
Directory Services Access Failure
eight, employing WIS (Web Injection Scanner) instrument about the whole Web website SQL Injection vulnerability scans.
Run, kind gpedit.msc in the carriage, open the Group Coverage Editor, choose the personal computer Configuration-Windows Configurations - Protection Configurations - audit policy audit challenge developed to note that should the audit on the venture an excessive amount of, the even more events which are generated, then the significant occasions so as to locate the extra tough course, if too few audit will also have an effect on you uncover serious incident, in this case you should create a choice between the 2.
suggested to critique the challenge is:
OLE Automation Saved Methods, don't delete Sp_OACreate Sp_OADestroy Sp_OAGetErrorInfo Sp_OAGetProperty Sp_OAMethod Sp_OASetProperty Sp_OAStop
Download: VB.Net fans
seven, configure Sql Server
saved process to access the registry, delete Xp_regaddmultistring Xp_regdeletekey Xp_regdeletevalue Xp_regenumvalues ; Xp_regread Xp_regwrite Xp_regremovemultistring
PrintSpooler: If no printer may be disabled
5. to avoid ICMP redirect messages attacks
Microsoft Serch: to provide quick word search, don't disable
right-click the instance select Properties - General - Network Configuration, pick TCP / IP protocol properties Understanding SQL Server instance, and alter the initial default 1433 port.
3, don't use Sa account, to configure a super complicated password
three, shut down undesirable providers, The subsequent is the suggested option
Distributed linktracking consumer : update the connection specifics for the LAN, with out having to disable
one, install the system requirements at least two partitions, partition formats are NTFS format
four, right-click IP Security Policies - Create IP Safety Policy - the next stage - the identify in the input information packet filters - the following stage - to cancel the default activation response principle - Subsequent - Finish
When you web page is. asp web page you'll want to remove DenyExtensions. asp-related content material.
HKEY_LOCAL_MACHINE Program CurrentControlSet Expert services Tcpip Parameters
could be entirely hidden to modify the registry:
3, to stop SYN flood attacks
new DWORD value named IGMPLevel 0
3, the filter operation in the management selections for the following click Add - the next phase - enter the identify of preventing - the following phase - opt for to block - the following stage - total - shut the management of IP filter lists and filter operation window
5, concealed SQL Server,
Office Pro 2010 Key, alter the default port 1433
eight, if only the server, not one other operations, the use of IPSec
HKEY_LOCAL_MACHINE Technique CurrentControlSet Expert services Tcpip Parameters Interfaces interface
five, at the opening for the new IP Protection Policy Properties window, select Add - the following action - do not specify a tunnel - the following phase - all network connections - the next phase - in IP filter checklist, pick the new Web Filter - the following stage - a filter operation in the Choose License - Subsequent - End - The IP filter listing, pick the new filter to prevent - the following phase - - Choose the filter action to stop - the next action - total - Ok
Run, kind Dcomcnfg.exe. Enter, click the Open the
for the local laptop or computer, right-click Choose
obvious
Be aware :3-6 products I use Server2000 is set, not tested around the 2003 is operating. But one factor is particular for some time I didn't get another side of Vice.
six, configure IIS expert services:
[page]
logon occasions good results and failure
6, for anyone who is using 2000 it is easy to use iislockdown to safeguard IIS, IE6.0 operating within the 2003 version doesn't require.
Pc Browser: upkeep of network pc updates, disable
if you go by this operation, the proposed modifications to every do a test server, if there are actually issues you can immediately undo the alter. The When you alter far more than the variety of goods,
Windows 7 Professional Key, only to locate troubles, it really is tricky to determine where the challenge is one action about the.
Should you configured any problems, you are able to add / Eliminate Programs to eliminate UrlScan.
Office Home And Stude/nt Windows Server 2003 Web S
Hybrid Mode
