Admin Tips
- Windows Server 2008/2003/2000/XP/NT Administrator Knowledge Base
  - Windows 2003
    - Admin Tips
      - Security
        Don’t forget to secure your UPS!

Section(s): Security
Published on Apr 04, 2007.
Last Modified on Apr 04, 2007.
Last Modified by Mitch Tulloch.
Rated 2 out of 5 based on 1 votes.

Physical security for your servers may be useless if you don't secure your UPS also.

Here’s a security precaution you may not have thought of before. Syskey is supposed to be a great way of securing a Windows server against physical attack. But I’ve actually heard of thieves breaking into a server room and stealing a server *with* the UPS backup power supply still attached to it. The idea is that the server is still turned on so when they get back to their hideout they can try various over-the-network brute force attacks on the server to compromise its Syskey machine key, yikes! The moral of the story? Make sure this scenario isn’t possible somehow, maybe by isolating your UPS in a separate room or welding it to the floor or something similar.

***

Mitch Tulloch was the lead author for the Windows Vista Resource Kit from Microsoft Press, which is THE book for IT pros who want to deploy, maintain and support Windows Vista in mid- and large-sized network environments. For more about Mitch, visit his website www.mtit.com

About Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows administration, networking, and security. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy and use Microsoft platforms, products and solutions. Mitch has published over two hundred articles on different IT websites and magazines, and he has written or contributed to almost two dozen books and is lead author for the Windows 7 Resource Kit from Microsoft Press. For more information, see www.mtit.com .