Turn Admin5 server security lecture record

Turn Admin5 server security lecture record

July 15, 2017 lejlgizx 0

time: Tuesday, March 25th at 14-16

topic: server security lecture

QQ group: 56398857

Speaker: 4 years of history Liangjun in network server security work with

, we’re talking about a 2003 system,

first. When you install the system, first you need to make the disk partitions all unified, using the NTFS format

The

system installed after the first update all patches, the second is to play a good ARP patch, because the ARP vulnerability in Microsoft station can not download, hackers can use this vulnerability of large quantities of horse

second, modify the hard disk permissions.

NTFS system permissions settings, before use, each disk root plus Administrators, the user for all permissions (optional add SYSTEM user) delete other users,

enters system disk: permissions are as follows:

C:WINDOWS Administrators SYSTEM user all permissions Users user default permissions do not modify

other directories delete Everyone users, remember C:Documents, and, Settings, All, UsersDefault, User directories, and subdirectories

, such as C:Documents, and, SettingsAll, UsersApplication, Data directory, the default configuration retains the Everyone user rights

The permissions below the

C:WINDOWS directory also have to be noted, such as C:WINDOWSPCHealth and C:windowsInstaller, which also retain the Everyone permissions.

removes the C:WINDOWSWebprinters directory. The presence of this directory causes an extension of.Printers to be added to IIS, which can overflow

the default IIS error page is basically not used by many people. It is recommended to delete the C:WINDOWSHelpiisHelp directory

removes C:WINDOWSsystem32inetsrviisadmpwd, which is used to manage IIS passwords, such as 500

, because some passwords are not synchronizedWhen

is wrong, use OWA or Iisadmpwd to change the synchronization password, but you can delete it here. The settings mentioned below will eliminate the system

>

Leave a Reply

Your email address will not be published. Required fields are marked *