With 2006 coming to a close, SearchWindowsSecurity.com has compiled the top five Windows server hardening tips of 2006. Testing is of course a top priority for any Windows security professional and with Kevin Beaver's tip, Domain controller penetration testing, you can develop a testing strategy to ensure that your primary domain controller is as secure as possible.
Also making our list are a small handful of tips on Windows Server 2003. We provide the new security features of R2 as well as a few helpful tidbits of which you might not be aware. Jonathan Hassell's tip, Locking down SMTP in Win2K and Windows Server 2003, gives a short set of instructions on how to secure the OS's email functionality.
Domain controller penetration testing
Domain controllers are the backbone of your Active Directory network. They require special care when testing their security. Contributor and penetration testing expert Kevin Beaver recommends some tactics and tools for testing DC security.
Checking access permissions with Server Share Check
Windows Server security permissions can get confusing. Contributor Brien M. Posey explains why NTFS permissions are better than share level permission and how to check permissions with Server Share Check.
Locking down SMTP in Win2K and Server 2003
Weaknesses in your SMTP service configuration can pave the way for DoS attacks and spammers. Contributor Jonathan Hassell recommends locking down the service with these configuration changes to secure your mail services and limit the impact of spam.
Finding extra security in R2
There are a number of security enhancements in Windows Server 2003 R2, but according to contributor Brien Posey, an administrative feature also serves as a security benefit. In this article, Posey explains and previews R2's file screening feature and how it can be used to better secure your Windows servers.
Windows Server 2003 R2's new security features: Federation, not firewalls
Windows Server 2003 R2 has been available for awhile, but which new features make an upgrade worthwhile? Contributor Serdar Yegulalp shares some of his favorite features of the new OS -- federation, ADAM and improved update services -- as well as some caveats.