September 18th, 2003, 11:38 PM
win 2003, your views?
I surspect by now a few of you will of tried out the evaluation version of Windows 2003 Server. I just got a copy today, havn`t had the chance to put in on a box to check it out yet.
I just thought i`d see what peoples first impressions of it are. So if any of you have any personal thoughts on how MicroSofts new OS rates i`d like to hear them.
September 19th, 2003, 12:40 AM
Hey mate, I don't know if it will load either.............one thing that is true though....we have to make it work...or we are fired?
I am afraid that Mr Gates and his Corporation are that powerful?
September 19th, 2003, 01:22 AM
I just completed a production installation of 2003 Server.
It is much more secure than 2000 was, all ports and services are disable prior to shipping so it saves a ton of time by not having to secure everyting.
I set up a new server in a HS, very slick, will run on a 133 Mhz, 128 Mb or RAM, I would not recommend it.
My only recommendation if you wish to run the ADMT 2 tool on an NT 4.0 domain, you first need to put the 2003 server into the "windows 2003 server mode". That is not documented and I could not pull user data until that was accomplished.
September 19th, 2003, 02:30 AM
I like 2003 for the most part. It is fast, has better defined roles a nicer group policy editor interface and the impending enhanced access controls as far as what can be printed and emailed are very good. (I can't think of a system in the last 10 years or under $50,000 to support this.)
However, it is not more secure than Win2k, at this time no additional security functionality has been added and it is expected that the assurances have remained the same (time will tell as I don't feel like doing an ISO15408 audit myself) the secure by default really bothers me though. This is one of the worst things any discretionary system can do.
Why is default security bad you ask? because it is far simpler to calculate adding security (you'll notice functionality missing) than it is removing it (which may have unseen consequences of things being unlocked) but MS is trying to pander to lazy people with virtually no knowledge or resources for security (not unlike an OpenBSD mailing list.)
PS. I love IIS6, good stuff all around. ideally I'd run IIS6 on my Win2k system.
September 19th, 2003, 08:00 AM
I got windows server 2003 a few months ago. I installed it, and after a few days formatted my drive and put windows server 2003 away. Nothing on it worked at all. From dhcp to dns to iis nothing worked. I couldn't believe it. Havent heard much of it lately, but until i find out that it works on somebody elses machine i aint gonna touch it.
September 19th, 2003, 09:03 AM
I've not used 2003 but I did use a beta (called "Windows .NET server" at the time)...
My impression of IIS6 security is that it is much better, there is a new mechanism for disabling things which turns off all scripting by default (a GOOD thing, as 95% of IIS exploits are in script DLLs, mostly ones that people don't need anyway).
Nice to know that they've caught up with Apache (which has had all scripting disabled by default for at least 5 years)
It is a good feature but will confuse IIS admins who aren't aware of this.
I have no idea about the rest of the system - that's all I used it for
September 19th, 2003, 09:38 AM
Again, default hardening is just a silly thing. Disabling active content was not a complicated matter, in fact Microsoft made a tool for it "lockdown.exe." I do however like how IIS6 has incorporated much of URLScan's functionality and the ability to set different filters for different zones and not running entirely new servers like IIS5 called for.
September 19th, 2003, 11:29 AM
heres a link on win2k 2003 server
Windows Server 2003 plagued by incompatibility
The only way to make your PC go faster is to throw it out the window
Reading computer manuals without the hardware is as frustrating as reading sex manuals without the software.
A computer once beat me at chess, but it was no match for me at kick boxing
September 19th, 2003, 01:19 PM
I've set it up on one of my test machines and have had no issues to date. I'm currently in the process of rolling out a dev/prod environment for a client using win2k3 and the new sharepoint portal server.
As for locking things down out of the box, I have mixed feelings about that. On one hand I do like this as there are to many admins out there that do not understand security and end up leaving things wide open. On the other hand, when things are not locked down and it is up to the admin to secure them, that admin learns more about what his OS can and is doing. IMHO
just making some minor adjustments to your system....