|
Home > Archive > IIS Server Security > June 2006 > Windows Server Hardeing
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Windows Server Hardeing
|
|
| Eng.Rana@gmail.com 2006-06-19, 7:24 am |
| Hi all,
I was wondering why do we need to harden Windows server 2003 by
applying rules like:
1.Remove any unneeded Services
2.Close unneeded ports
3.Rename Administrator account
4.Prevent users from installing printer drivers
5.Restrict CD-ROM and floppy access to locally logged-on user only
.... and many many more
why are we doing so ?????
and what is the main problem with the default installations.
i tried searching the net but all what i found is that what to do, but
not why do we do each step and what is the effect of not applying it.
thanks for ur help and time
| |
| Roger Abell [MVP] 2006-06-19, 1:22 pm |
| Eng
See my reply to your identical posting to
microsoft.public.security
I did not see anything specific about IIS in your post,
but branching out from
www.microsoft.com/technet/security
you can find most all hardening and securing guides
by particular product.
Roger
<Eng.Rana@gmail.com> wrote in message
news:1150706031.104338.135990@y41g2000cwy.googlegroups.com...
> Hi all,
>
>
> I was wondering why do we need to harden Windows server 2003 by
> applying rules like:
> 1.Remove any unneeded Services
> 2.Close unneeded ports
> 3.Rename Administrator account
> 4.Prevent users from installing printer drivers
> 5.Restrict CD-ROM and floppy access to locally logged-on user only
>
>
> ... and many many more
>
> why are we doing so ?????
> and what is the main problem with the default installations.
>
> i tried searching the net but all what i found is that what to do, but
> not why do we do each step and what is the effect of not applying it.
>
> thanks for ur help and time
>
|
|
|
|
|