Windows 2003 Server - Quick & Easy Security Lockdown

Hi there, I have a few web servers running Windows 2003 Server (Standard), and I want to make sure they're relatively safe from security issues.  What are a few essential steps I should take to quickly make them relatively secure?

Would just enabling the Windows Firewall be enough?

Again, I'm looking for a basic lockdown...not looking to spend a whole lot on hardware or software at this point.  I just want to keep the basic hackers outs.

Thanks!
mediapandererAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

colin_harfordCommented:
By running Windows 2003 and IIS 6, you are doing a lot better.

Run a firewall, and filter out all ports not needed. Only need 80, 443, etc.

Use IIS Lockdown, and setup IIS 6 the way you need.

Unless needed, ensure the files used are in read only ACL.

Of course, keep up to date on patches.  


YOu can also install Windows 2003 SP1, and if you have newer hardware you can use the DEP protection.  Also included as an addin is the Security Configuration Wizard, which does a lot of work for you in locking down your server.  It can be found inside Add and Remove Software in Windows Components after installing SP1.

CH

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
colin_harfordCommented:
Oh, as part of IIS Lockdown, filter out undeeded extensions.

Cheers

CH
colin_harfordCommented:
OOps, IIS6 doesn't need the lockdown, you should have run it though if you were upgrading from IIS 5.0

CH
JavaScript Best Practices

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.

mediapandererAuthor Commented:
Sounds good!  So the Windows Firewall should be enough security?
colin_harfordCommented:
Yes, windows firewall will be fine.

Good practice would be try out the Security Configuration Wizard on one machine and see what it wants to change on your machine, cause this affects all aspects of securite, firewall, services, auditing, security policies, etc.

CH
mediapandererAuthor Commented:
Great, thanks!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.