- Admin KnowledgeBase
- Articles & Tutorials
- Authors
- Blogs
- Free Tools
- Hardware
- Message Boards
- Newsletters
- RSS
- Software
- White Papers
Knowledge Base Tips topic
| [ | 3440 | ] |
Windows Server 2008/2003/2000/XP/NT Administrator Knowledge Base
|
Last updated: Mar 09, 2010 |
Security Tips
- A Common Misconception Regarding Security Logs
- Date - Oct 27, 2005
- Do domain controllers share security logs?
- Adding Pop-Up Blocker Exceptions via GPO
- Date - Dec 22, 2005
- Occasionally there are sites that we as domain administrators need to allow pop-ups for across the board. This tip shows how to do this with Group Policy.
- Audit Collection Services (ACS)
- Date - Jul 19, 2005
- Microsoft's Audit Collection Services (ACS) is coming soon to simplify collection and management of Security logs throughout your organization.
- Auditing Access to Sensitive Data
- Date - Jul 06, 2005
- How to see who's accessing sensitive files on a server.
- Auditing Group Policy Settings
- Date - Jun 28, 2005
- How to use the GPMC for auditing purposes.
- Auditing on a per-user basis
- Date - Mar 01, 2006
- How to configure per-user auditing.
- Authorized DHCP
- Date - Dec 04, 2007
- How to authorize DHCP for clients
- Automatic Updates for Servers?
- Date - Sep 27, 2005
- Should the Automatic Updates (AU) feature be used to keep your servers patched?
- Be an example
- Date - Oct 18, 2005
- Want users in your company to follow the security policies and practices you lay down?
- Changing Worker Process Identity in IIS 6
- Date - Aug 30, 2005
- In IIS 6 on W2K3, all worker processes run by default using NetworkService as their identity.
- Checking Local Group Policy
- Date - Dec 21, 2005
- There may be times when you want to check the Local Group Policy Settings on a desktop machine.
- Comparing Two Group Policy Objects
- Date - Jun 16, 2005
- How to compare two GPOs and see how their settings differ.
- Configuring Security for Server Based Printers
- Date - Jul 26, 2007
- Anytime you are using a printer in a large network environment you need to make sure it is securely distributed. Here we look at how to set security permissions on a server based printer.
- Configuring Wireless Security Settings via GPO
- Date - Mar 23, 2006
- Using Group Policy wireless extensions you can more easily manage security and encryption settings for your networks wireless clients.
- Creating a password reset disk
- Date - Jan 02, 2008
- Creating a password reset disk
- Default GPO Permissions
- Date - Jul 13, 2006
- It is very important to assign appropriate permissions to every GPO you create. Here I list the default permissions given to a new GPO.
- Disable Enumeration of SID's
- Date - Mar 08, 2005
- One way for an attacker to scope out a target system and, particularly, to identify the Administrator account so they can focus their efforts on the account with the most privileges is to list, or enumerate, the SID's (serial identifiers) on a Windows machine.
- Disabling Internet Explorer Enhanced Security Configuration
- Date - Jan 22, 2008
- Windows Server 2003 comes out of the box very hardened in some areas. One of these is through Internet Explorer Enhanced Security Configuration. Here is how to disable it.
- Disabling LM Authentication
- Date - Mar 22, 2007
- Using strong passwords is useless if they are not encrypted properly. That’s why disabling LM authentication is important.
- Disabling the RunAs Command
- Date - Mar 22, 2005
- To enhance security you can prevent users from using the RunAs command.
- Don’t forget to secure your UPS!
- Date - Apr 04, 2007
- Physical security for your servers may be useless if you don't secure your UPS also.
- Don't Bother Deleting C$
- Date - Feb 15, 2006
- Why deleting the C$ share is not a good idea.
- Eliminating Ping Responses from Secret Servers
- Date - Mar 27, 2007
- Ever have a server setup that you really don’t want people knowing even exists? Keeping it from returning ping responses is a great way to make it vanish.
- Enabling Windows Firewall on domain controllers
- Date - Aug 08, 2007
- Steps for enabling WF on domain controllers.
- Encrypting the system volumes on a server
- Date - Jun 18, 2009
- Why encrypting the system volume on a server is usually not a good idea.
- Enforcing Group Policy
- Date - Feb 14, 2006
- How to force Group Policy to apply even when users can override settings using local admin credentials.
- Exempting User Accounts from Domain Password Policies
- Date - Jun 14, 2007
- There's one exemption to how domain password policies are applied.
- Find all encrypted files
- Date - Jan 08, 2008
- How to find all the EFS encrypted files on a machine.
- Find Out When Policy Last Applied
- Date - Jun 08, 2005
- How to find out when Group Policy was last applied to a remote machine.
- Finding Significant Security Events
- Date - Jul 20, 2005
- How to sort the wheat from the chaff in Windows Security logs.
- Gaps in Security Log
- Date - Jul 14, 2005
- You found a gap of several hours in your Security log, what does it mean?
- Get the Latest ADM Files
- Date - Jul 12, 2005
- How to obtain the latest Administrative Template files from Microsoft.
- Google Yourself To Identify Security Holes
- Date - Mar 15, 2005
- Google is very good at what it does. It automatically and systematically catalogues every document, image, web site or other data that is web accessible so that it can be quickly retrieved using the Google search engine. That includes potentially sensitive or confidential data that wasn't intended to be shared publicly. Google your own network or sites to identify possible security holes.
- Group Policy in mixed environments
- Date - Apr 24, 2007
- How to target Group Policy differently for different OSes.
- Group Policy Task Force
- Date - Jun 21, 2005
- Check out the work of the Group Policy Task Force.
- Hiding an Entire Computer from Network Users
- Date - Aug 12, 2009
- Preventing network users from seeing a computer in My Network Places or Network.
- How Can I Learn Group Policy?
- Date - Jun 14, 2005
- Need to learn how Group Policy works, what it can do, and how to implement it?
- How to choose a VPN auth protocol
- Date - Jan 17, 2007
- How do you decide which auth protocol to use on a VPN client?
- How to prevent users from installing software
- Date - Apr 17, 2007
- Preventing users from installing software.
- How to remove unwanted local user accounts
- Date - Apr 10, 2007
- How to get rid of those pesky local user accounts on your workstations, or at least mitigate their unwanted presence.
- IIS 6 and MIME Types
- Date - Sep 07, 2005
- Serving up files from a web server running IIS 6 can sometimes be problematical.
- Increase file server performance
- Date - Jul 12, 2006
- Don't use your domain controller as a file server--here's why.
- Joining a Domain Securely
- Date - May 26, 2005
- How to securely add a computer to a domain.
- Listening ports and services
- Date - Nov 20, 2007
- How to find what ports your server is listening on and which service is listening on each port
- Listing All DHCP Servers
- Date - Aug 09, 2005
- Want to know the DNS names and IP addresses of all DHCP servers on your network?
- Local accounts and Group Policy
- Date - Jan 17, 2006
- Group Policy can be a minefield and some policy settings are best left unchanged...
- Logging Windows Firewall
- Date - Mar 15, 2007
- The built-in windows firewall won’t only stop unwanted traffic at your doorstep, it will log it too!
- Management software and security
- Date - Sep 28, 2005
- Which kind of management software is more secure, agent-based or agentless?
- Managing Event Logs on Multiple Servers
- Date - Jul 13, 2005
- Tools for managing Event logs on multiple Windows servers.
- Map Your Network For Better Protection and Incident Response
- Date - Apr 01, 2005
- It is difficult to protect devices that you don't even know exist. In larger enterprises it is very easy to lose track of the asset inventory which leads to complacency about rogue devices. In order to effectively protect the network and to respond to incidents efficiently, an updated asset inventory and network map should always be handy.
- MSDN Webcast: Using Authorization Manager on Windows Server 2003
- Date - Apr 20, 2004
- 83 mins - In this advanced session, we will learn how to leverage the Authorization Manager API that’s built into Windows Server 2003 to control access to resources and limit the tasks that a user can perform. We’ll write code to perform dynamic access checks on specific tasks. We’ll compare and contrast controlling authorization via a custom-built SQL scheme and using the Active Directory and Authorization Manager in Windows Server 2003. Finally, we’ll explore how roles can be inherited and integrate auditing.
- MSDN Webcast: Windows Server 2003 Internet Explorer Security Setting Functionality
- Date - Apr 20, 2004
- 36 minutes - look at the changes made to Internet Explorer in Windows Server 2003 and how these changes will affect the ISV or developer when developing applications. This short webcast will cover the background of why the default settings for Internet Explorer will be set at the highest level of security, how the user's experience will be affected and what an ISV or developer can do to ensure their customer has a productive experience on Windows Server 2003.
- NETBIOS: Leave On or Turn Off?
- Date - Apr 14, 2005
- NETBIOS is supposed to be no longer needed since Windows 2000, but this is not really the case.
- Port 445 and trust creation
- Date - Oct 04, 2007
- How port 445 is used in trust creation
- Pre-staging computer accounts
- Date - Apr 25, 2007
- How to ensure client computers are not left in an unmanaged state after joining a domain.
- Preventing Group Policy Workarounds
- Date - Jun 22, 2005
- A smart user who has local Administrator or Power Users privileges on their desktop computer may be able to circumvent Group Policy.
- Preventing Rogue DHCP Clients
- Date - Aug 04, 2005
- If you are using DHCP on your network and you want to prevent rogue clients from obtaining IP addresses from your DHCP server and participating on your network, your options are simple.
- Preventing Users From Circumventing Group Policy
- Date - Jan 24, 2006
- Given enough privileges, a user can often circumvent Group Policy restrictions. Here's what you can do about it.
- Preventing users from Modifying Group Policy Settings
- Date - May 30, 2006
- How to prevent users from modifying Group Policy.
- Pros and Cons of Disabling NTLMv1
- Date - Aug 19, 2008
- Is it a good idea to disable LM and NTLMv1 authentication on Windows networks and allow only NTLMv2 authentication?
- Protect Wireless Access Using MAC Address Filters
- Date - Mar 22, 2005
- Wireless networks add a significant level of convenience for many users. The ability to roam at will and access the network without adding wires is quite useful. But, you need to do so securely. There are a number of basic steps you should take to protect your wireless network and filtering MAC addresses is one more way to secure it.
- Protect Your Security Logs
- Date - Jul 26, 2005
- Tip on how to protect your Security logs.
- Reversing Folder Redirection
- Date - Jun 16, 2005
- Careful planning makes it easy to reverse folder redirection later on.
- Schema vs. Enterprise vs. Domain Admins
- Date - Jun 20, 2007
- Domain admins can basically do anything, anywhere in the forest.
- Secure USB ports
- Date - Dec 01, 2005
- How to prevent users from downloading sensitive files using USB keys.
- Securing your Event logs
- Date - Jun 07, 2007
- Preventing rogue administrators from tampering with Event logs.
- Security Innovations in Windows Server 2003
- Date - Aug 25, 2004
- 205 KB Microsoft Word file - outlines how they facilitate business scenarios such as: building a secure Web application platform, providing secure mobile access, and streamlining identity management across the enterprise.
- Security Options Ignored
- Date - Nov 08, 2005
- Why are some Security Options in Group Policy not being applied?
- Security Patches as ISO images
- Date - Feb 21, 2006
- You can obtain patches for Windows as an ISO (CD) image.
- Security policies--where to start
- Date - Oct 13, 2005
- If you tell IT managers they need to create a formal, written security policy for their company (many small- and mid-sized companies don't have one) what's the first thing they'll say in response?
- Service accounts and user profiles
- Date - Jul 17, 2007
- How to create a profile for a service account and why you may need to do so.
- TechNet Webcast: Security in a Windows Server 2003 Environment
- Date - Apr 20, 2004
- 95 mins - Rand will talk about the security technologies built-in to Windows Server 2003 and how organizations are implementing the technologies to solve business challenges. Portions of the content covered in this webcast will be taken from Rand's latest book "Windows Server 2003 Unleashed," a 1286-page book from Sams Publishing. Some of the topics that will be covered include IPSec NAT Traversal, Passport technology, Windows Server 2003 certificates, and wireless security using 802.1X in a Windows Server 2003 environment.
- TechNet Webcast: Windows Server 2003 As A Foundation for Risk Management and Security Regulatory Compliance
- Date - Apr 20, 2004
- 71 mins - we will examine the nature of risk management as reflected in these security regulatory requirements. Specifically, we will explore how Windows Server 2003 can be employed as the foundation technology for risk management and to introduce the concept of the Microsoft/Secure Logistix jointly developed Compliance WorkCenter
- TechNet webcast: Windows Server 2003 Security Guide
- Date - Apr 20, 2004
- 63 mins - webcast will examine the recently released guide called Windows Server 2003 Security Guide and its companion guide, Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP . The new guides provide customers with detailed security guidance on Microsoft Windows Server 2003™ that is authoritative, proven, and tested. The guides are designed to empower users to assess and mitigate a wide range of significant security issues that may exist in their environment.
- Technical Overview of Windows Server 2003 Security Services
- Date - Aug 20, 2004
- 205 KB Microsoft Word file - 324 KB Microsoft Word file
- Terrific Resource for Windows Security Log
- Date - Jul 05, 2005
- Here's a terrific resource for the Security log that every Windows admin should know about.
- The Power with Power Users
- Date - Apr 12, 2007
- The power users group is often misused and can lead to the compromise of a system. Here is why this can happen.
- Tips for Securing Your Wireless LAN
- Date - Feb 04, 2009
- Ways to protect your Wi-Fi network from eavesdroppers and hackers.
- Tool for slipstreaming patches
- Date - Oct 06, 2005
- It's not easy to slipstream a bunch of patches properly into Windows.
- Top 5 Group Policy Links
- Date - Oct 20, 2005
- Five great resrouces with helpful information on Group Policy...
- Transferring Ownership of Files: Good or Bad?
- Date - May 11, 2005
- Windows Server 2003 lets you easily transfer ownership of files, but should you?
- Troubleshooting WSUS
- Date - May 02, 2006
- How to troubleshoot WSUS when clients can't download and install patches.
- Using Attack Surface Area and Relative Attack Surface Quotient to Identify Attackability of Windows Server 2003
- Date - Aug 12, 2004
- 416 KB Adobe Acrobat file - In March 2003, Microsoft engaged the Security and Technology Solutions practice of Ernst & Young LLP to validate the Relative Attack Surface Quotient (RASQ) model developed by Microsoft, which quantifies the relative "attackability" provided by each of its operating system platforms. The model provides a methodology to compute the attackability of Microsoft Windows server operating systems by describing potential exploit points and assigning a relative vulnerability level based on exploits that occur in the real world. Ernst & Young conclude that Windows Server 2003 is the least attackable operating system Microsoft has ever released.
- Using Reservations to Ensure DHCP Server Availability and Security
- Date - Mar 24, 2005
- In high security environments you can use Reservations to ensure the security and availability of DHCP servers.
- Value of Auditing Workstations
- Date - Oct 25, 2005
- Why you might consider enabling auditing on workstations...
- Verifying ports are listening
- Date - Jun 26, 2007
- How to determine if a server is listening on a given port.
- Virtualization and Viruses
- Date - Apr 26, 2006
- How to protect your virtual machines without degrading performance.
- Want to Improve Group Policy?
- Date - Jun 30, 2005
- How to help Microsoft improve Group Policy and other aspects of Windows Server System platforms.
- Warning Signs of a Rogue DHCP Server
- Date - Mar 14, 2007
- Just because you are only supposed to have one DHCP server on your network doesn’t mean it really is the only one
- What Defense In Depth Is NOT
- Date - Oct 11, 2005
- A common misconception concerning network security is the meaning of the term "defense in depth".
- Why It's Hard to Harden Clients
- Date - Nov 01, 2005
- Servers are usually hardened--why not clients?
- XP SP2 Breaks Group Policy
- Date - Jun 09, 2005
- Resolving an issue with adm files in XP SP2.
Article not looking right or info is missing? Let us know so that we can fix it: .
Featured Links*
Become a WindowsNetworking.com member!
Discuss your network issues with thousands of other network administrators. Click here to join!
Featured Products
