Security Checklist for System Administrators
This tip is excerpted from Windows NT/2000 Network Security, by E. Eugene Schultz, published by New Riders.
- If you need high levels of security,
- change the Registry of critical servers to restrict null session access, or at least to limit access via shares and named pipes. Test these changes in a nonproduction environment first to ensure that they do not disrupt your operational environment.
- Observing the same constraints as in step 1, consider disabling the NetBIOS bindings if security needs so warrant.
- Ensuring first in nonproduction environment that no application breaks, consider disabling Administrative shares if security needs so warrant.
- Install the most recent SP in all your Windows hosts.
- Ensure that access to devices and programs that capture network traffic is properly limitedonly a few of the most trusted systems and network administrators should be given such access.
This was first published in November 2000