Results 1 to 2 of 2

Thread: The Next Step: Securing My Windows Box

  1. #1
    Join Date
    Jul 2003

    The Next Step: Securing My Windows Box

    The Next Step: Securing My Windows Box

    Hello all this is my first, newb attempt at a tutorial, so help me out please.

    To begin hardening your windows system you should already have a fresh instillation of your OS, already patched, and with AV and a personal firewall. After this is done you can begin.

    1. Rename or remove the built in administrator account.
    Left untouched this is a huge security risk. Every malicious computer user knows these default passwords! You must rename this account or transfer administrative privileges to another user. (side note: make sure this account has a very strong password as you don’t want just anybody to have control of your network.

    2.) Rename or disable the built in guest account
    As in the previous example this account is well know and is often a target of attacks.

    3.) Make sure your all the passwords on your network are strong ones!
    In windows 2000 and XP you can do this by using the policy editor.
    Enforce password history (set to 6 it’s a good number)
    Maximum password age (set to 60 or less)
    Minimum password length (set to 8, make sure higher level
    Accounts have better passwords of around 12 characters with
    Upper and lower case letters, symbols, and numbers)
    Password must meet complexity requirements (enable)
    Store password using reversible encryption for all users in the
    Domain (disable)

    4.) Set account lock out policy
    In the policy editor set the account lockout duration to 30 and set the account lock out threshold to 3. This will serve to help stop a “brute force” attack on your passwords.

    5.) Make sure to set your audit policies
    Setting these audits make help you to see an unusual pattern signifying an attack or problem. You should turn on these audits.
    Audit account logon events (success and failure)
    Audit account management (success and failure)
    Audit logon events (success and failure)
    Audit policy change (success and failure)
    Audit privilege use (success and failure)
    Audit system events (success and failure)

    6.) Disable NetMeeting desktop sharing
    This program is used to remotely control computers, and chances are you don’t use this anyway.

    7.) Remove the “everyone” group from shared folders.
    This default account is set to have full control of shared folders.

    8.) Disable internet connection sharing on computers
    If you are on a network your do not need this utility

    Well that about sums up everything I know so far. Feel free to add to this and make comments I am still trying to learn.

    Note: you may also want anti-spy ware programs on hand such as ad aware and spybot s&d

  2. #2
    It is not a bad tutorial.
    Perhaps the following will learn you even more:
    How to lock down your WinXP ...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts