Solved

Important Services in Windows 2003,

Posted on 2006-06-12
3
377 Views
Last Modified: 2008-02-01
I would like to know more about important services in Win 2003 that should be set to disabled. In unix we had r-services, telnet as opposed to SSH. In there any services that should be set to disabled or replaced by newer services in Windows.
I have looked at MSB , CISE Security guide, but still confused which services have the greater impact on security.
0
Comment
Question by:kecoak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 14

Expert Comment

by:alimu
ID: 16891564
A good start is to not install anything you are not using (eg: don't install IIS if you're not using web services, don't install FTP if you're not using it, etc).
You can get Microsoft Baseline Security Analyser from Microsoft at http://www.microsoft.com/technet/security/tools/mbsahome.mspx which will identify major security issues you have.  It will show you problems, missing patches and also give you an explanation of what you need to do to correct issues.

How you lock down your server depends very much on what roles it plays, if you can tell us more about what functions it performs we may be able to provide more directed information.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16891696
usually by default, 2003 server is fairly locked down to a "whats needed" basis, most thins that arent needed but are an option are disabled by default, usually, you don't need to go playing with the services that you may need to one a client OS such as xp.....
0
 
LVL 4

Accepted Solution

by:
mattbcs earned 500 total points
ID: 16892461
One MAJOR point, as far as w2k3 server goes, is installing Service Pack 1. Lots of security fixes are included.

Go through the add/remove programs (windows components) and remove everything you don't absolutely need.
The next step is to go through the services, and evaluate exactly what services you need to run, and disable the rest.

As far as services to disable - it depends on the what the role of the server is going to be.

One more important thing - run windows update, but click on "MICROSOFT UPDATE" - Run that, and keep your updates frequent.

Thanks,
Matt
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question