Security Checklist for System Administrators
This tip is excerpted from Windows NT/2000 Network Security, by E. Eugene Schultz, published by New Riders.
- If you need high levels of security, change the Registry of critical servers to restrict null session access, or at least to limit access via shares and named pipes. Test these changes in a nonproduction environment first to ensure that they do not disrupt your operational environment.
- Observing the same constraints as in step 1, consider disabling the NetBIOS bindings if security needs so warrant.
- Ensuring first in nonproduction environment that no application breaks, consider disabling Administrative shares if security needs so warrant.
- Install the most recent SP in all your Windows hosts.
- Ensure that access to devices and programs that capture network traffic is properly limitedonly a few of the most trusted systems and network administrators should be given such access.